chat
expand_more

One Year Later: Is QR Code Phishing a Fleeting Risk or an Enduring Threat?

Are QR code phishing attacks still a threat? Explore the latest trends in QR code phishing and how AI-powered solutions like Abnormal Security stop these sophisticated attacks.
September 11, 2024

QR code phishing attacks dominated headlines in the summer and fall of 2023, and the statistics were alarming.

QR Code Phishing One Year Later Blog Headlines

Attackers understood that QR codes were increasingly used for everything from marketing campaigns to file sharing. They also understood that the detection of malicious QR codes was difficult. With typically limited text content and a heavy reliance on image attachments, malicious QR codes can more easily evade detection.

The news cycle may have moved on from QR code attacks, but have attackers? Are QR codes still widely used to exploit individuals and organizations? Let’s take a look at the data.

QR Codes Attacks: Still Legit or Calling it Quits?

Abnormal protects more than 2,500 organizations, including 17% of the Fortune 500. This means we detect a lot of attacks. We’ve examined the attack data and identified some interesting trends related to QR code attacks—including the fact that malicious QR codes are still used in 1.9% of advanced attacks.

Among the QR code attacks we've detected, the distribution by attack type is as follows:

  • Credential phishing attacks make up 86% of all advanced QR code threats.
  • Internal-to-internal phishing attacks account for 6%, though these have sharply declined since early 2024.
  • Scam attacks and malware attacks each represent 1% of the total advanced QR code threats.

Without a doubt, threat actors are not calling it quits on malicious QR codes.

Real-World Example of Recent QR Code Phishing Attack

QR Code Phishing One Year Later Blog Example

In this QR code phishing attack recently detected and stopped by Abnormal, the attacker impersonates the HR department, urging employees to scan a QR code that supposedly reveals a new bonus distribution strategy. However, the QR code actually directs them to a phishing page designed to mimic a Microsoft login page. If an employee visits this page and enters their credentials, the attacker will have successfully stolen their login information.

The twist in this attack is that the entire email content is presented as an image, with all of the text embedded within it. Attackers frequently use this tactic in QR code attacks because it can bypass basic email detection systems.

The Abnormal Approach to QR Code Detection

One of the standout features of Abnormal’s AI detection engine is its ability to analyze behavioral signals, which enables the platform to identify anomalies in sender attributes, recipient behavior, and signals from attachments or links. Even before the recent surge in QR code attacks, Abnormal was already intercepting thousands of these threats every week.

Abnormal provides a powerfully complete solution to QR code attacks with its one-two punch of human behavior AI and a dedicated QR code detector. As QR code attacks became a significant concern in the security landscape last year, Abnormal responded by further enhancing its detection capabilities. Additional resources were allocated to release a QR code detector capable of identifying the presence of QR codes in attachments and extracting the embedded links. This advancement not only addressed market concerns but also strengthened Abnormal’s defenses against even the most sophisticated QR code attacks.

These efforts were recognized with the prestigious CRN 2024 Tech Innovator Award in the email and web security category, underscoring Abnormal Security’s leadership in the field.

The Verdict is In: QR Code Phishing Attacks Are an Enduring Threat

Attackers continue to leverage QR codes as a vector for advanced phishing schemes, especially in credential harvesting and other targeted attacks. The deceptive simplicity of QR codes, coupled with their ability to bypass traditional detection methods, ensures they remain a viable tool in the cybercriminal arsenal.

Security teams must stay vigilant, recognizing that even as attack methods evolve, QR codes still pose a significant risk to both individuals and organizations. Abnormal's ongoing commitment to enhancing its detection capabilities—exemplified by its award-winning QR code detector—demonstrates the importance of staying ahead of these threats. QR code phishing continues to be an enduring threat that requires proactive and advanced security measures to mitigate.


See for yourself how Abnormal can protect your organization from enduring and emerging threats. Schedule a demo today.

Schedule a Demo
One Year Later: Is QR Code Phishing a Fleeting Risk or an Enduring Threat?

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Proofpoint Customer Story Blog 8
A Fortune 500 transportation and logistics leader blocked more than 6,700 attacks missed by Proofpoint and reclaimed 350 SOC hours per month by adding Abnormal to its security stack.
Read More
B Gartner MQ 2024 Announcement Blog
Abnormal Security was named a Leader in the 2024 Gartner Magic Quadrant for Email Security Platforms and positioned furthest for Completeness of Vision.
Read More
B Gift Card Scams Tricker to Spot Blog
Learn why gift card scams are becoming more difficult to identify, how cybercriminals evolve their tactics, and strategies to protect your organization.
Read More
B Offensive AI 12 16 24
Learn how AI is used in cybersecurity, what defensive AI vs. offensive AI means, and how to use defensive AI to combat offensive AI.
Read More
B Proofpoint Customer Story Blog 7
See how Abnormal's AI helped a Fortune 500 insurance provider detect 27,847 threats missed by Proofpoint and save 6,600+ hours in employee productivity.
Read More
B Cyberattack Forecast Emerging Threats Blog
Uncover the latest email threats and strategies to strengthen your cybersecurity and prepare for 2025.
Read More