Latest Cyber Threat: Quishing or QR Code Phishing Method

What is Quishing?

Quishing is a phishing scam that uses QR codes to access a victim’s logins.

Cyber-criminals like QR codes because they can direct an unsuspecting victim to a malicious website or trick them into downloading a virus or malware and doing it in a less detectable way than other phishing methods.

Because QR codes require shorter HTML source code to embed a malicious link, most email filters check message content to block suspicious URLs, so quishing presents fewer “red flags” for defenses to detect.

Quishing emails appear similar to phishing emails, the main exception being the inclusion of a QR code, and both tend to mimic messages from legitimate companies.

Quishing emails are often disguised as multi-factor authentication notifications from Microsoft, DocuSign, or others. The Cyber-criminals hope to trick the victim into thinking their session has expired and they must authenticate again. The QR code sends the victim to a fake web page asking for account and credential information. Once that process is complete, the Cybercriminal can access the user’s account and data.

Stop QR Code Quishing? 

Armarius Software now protects against quishing as part of its Secure Safety Net phishing software solution. Using our next-generation phishing software solution, priority algorithms read the email for suspicious URL, including QR codes.

If you would like to learn more about our newest software solution to prevent Quishing, contact us at

Secure your email against threats with Armarius Software Safety Net

Know now what you need to know!

**Secure safety net is available with the Armarius Software complete suite of products for data loss prevention, user behavior monitoring, and analytics.