In 2025, Kaspersky, a renowned cybersecurity firm, uncovered an alarming rise in QR code-based phishing attacks. These attacks have gained significant traction, particularly targeting mobile devices.
The report highlighted a dramatic spike in phishing emails involving QR codes, with a staggering five-fold increase in such incidents between August and November 2025. The primary factor behind this surge is the weaker security tools present on smartphones compared to those on more robust work PCs.
QR code phishing is a sophisticated cyber threat that remains largely undetected by many traditional security systems. The malicious actors behind these attacks embed harmful QR codes either within the body of phishing emails or as attachments in PDF files.
When a victim scans one of these QR codes, they are redirected to a malicious website designed to harvest sensitive information, such as login credentials, banking details, or even corporate secrets. These types of attacks are particularly dangerous because they are often hard for users to spot, especially without the proper security measures in place.
Between August and November 2025, the number of QR code phishing emails surged from 46,296 incidents in August to a staggering 249,723 in November. This represents an alarming five-fold growth, demonstrating just how rapidly this type of cyber attack is proliferating.
The increase in QR code-based phishing attacks is particularly difficult to counter because mobile security tools are often less advanced than those found on desktop systems. This gap in security measures makes smartphones a prime target for cybercriminals seeking to exploit vulnerabilities.
The attackers behind these QR code phishing schemes often use cleverly crafted email subject lines to trick victims into taking action. They frequently pose as trusted entities like Microsoft’s customer support or other major tech companies, making the phishing attempt appear legitimate. Some criminals even impersonate human resources departments, sending emails with urgent notifications about documents that need immediate attention.
Other times, fake invoices or purchase receipts are sent to lure victims into clicking on malicious links embedded in QR codes, which may lead to further social engineering tactics like vishing (voice phishing).
The goal of these attackers is to build trust with their targets, often corporate employees, and gain access to sensitive company data. Once they have successfully gained access to the victim’s login credentials or other personal information, they can escalate their attacks or use the information for financial gain, corporate espionage, or identity theft.
One of the most concerning findings in Kaspersky’s study is the growing focus on mobile devices as the primary target. Hackers are well aware that mobile devices, such as smartphones and tablets, typically have less sophisticated malware detection systems. Many mobile devices lack the kind of in-depth security software found on personal computers, and this makes them highly vulnerable to malicious QR code scams. While desktop systems may have more advanced security tools, smartphones often rely on basic antivirus apps that are insufficient for detecting QR code-based threats.
As this trend continues to grow, it’s crucial for users to stay vigilant and cautious when scanning QR codes, especially those received via email. It’s also essential for organizations and individuals to invest in better mobile security solutions to protect against this emerging threat. Given the rapid evolution of cyber threats, it is evident that security tools will need to adapt quickly to stay one step ahead of cybercriminals.
In conclusion, the rise of QR code phishing in 2025 serves as a reminder of how rapidly cyber threats are evolving. As mobile devices become increasingly central to both personal and professional life, it is more important than ever to strengthen security protocols and educate users about the risks associated with QR code-based phishing.
Join our LinkedIn group Information Security Community!
