Over recent weeks there has been an increase in quishing attempts in Northern Ireland.
What is quishing?
Quishing is a variation of a phishing email. Quishing emails request the recipient to scan a malicious QR code whereas phishing emails request the recipient to click on a malicious link or attachment.
How it works
- Cyber criminals send phishing emails containing a PDF or PNG image of a QR code. As the QR code has replaced the malicious link/attachment this can reduce the possibility of the email being classed as phishing.
- The requirement to scan the QR code increases the likelihood of the recipient using a personal device outside of the organisations web or anti virus protection.
- Similar to other phishing campaigns, once the recipient scans the QR code they are taken to a URL which may be hosting malware or a credential harvesting "sign-in" page.
Please see below example of a quishing attempt