Kaspersky has reported a sharp rise in phishing emails using malicious QR codes in 2025, highlighting a growing cyber threat for organisations and individuals alike. According to the cybersecurity firm, detections jumped from 46,969 cases in August to 249,723 in November, marking more than a fivefold increase in just three months.
Cybercriminals are increasingly embedding QR codes directly into email bodies or hiding them inside PDF attachments. This tactic helps conceal malicious links from traditional security tools and pushes users to scan the codes on their mobile phones, which often have weaker security controls than office desktops.
These QR-code-based attacks are being used in both large-scale phishing campaigns and targeted attacks. Victims are lured into scanning codes that redirect them to fake login pages posing as Microsoft accounts or internal corporate systems, fraudulent HR notices requesting document reviews, or fake invoices and purchase confirmations. In several cases, these scams are combined with voice phishing tactics, prompting users to call attackers under the guise of resolving a transaction issue.
Such methods exploit trust in routine business communications and can lead to credential theft, account takeovers, data breaches, and financial losses. Roman Dedenok, Anti-Spam Expert at Kaspersky, noted that QR codes have become one of the most effective phishing tools this year due to their low cost and ability to bypass conventional detection methods, especially when users scan them on mobile devices.
To mitigate the risk, Kaspersky advises organisations to strengthen email security with advanced solutions capable of analysing images and QR codes, and to promote safer scanning practices among employees to prevent credential compromise and downstream cyber incidents.
