// THREAT DETECTION AND DATA PRIVACY TERM
Quishing
Quishing is a type of phishing attack that uses malicious QR codes to trick people into visiting fake websites or downloading malware. Attackers often embed these codes in emails, messages, or physical posters.
TECHNICAL DEFINITION
Quishing, a portmanteau of "QR code" and "phishing," is a social engineering cyberattack vector where threat actors embed malicious QR codes in various mediums, such as emails or physical advertisements, to redirect victims to fraudulent websites for credential harvesting or malware distribution.
BACKGROUND
Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim navigates the site, and traverses any additional security boundaries. Phishing remains the most prevalent type of cybercrime globally. While the Federal Bureau of Investigation's Internet Crime Complaint Center historically ranked it at the top, the threat has intensified significantly due to the integration of generative AI, which enables attackers to launch highly convincing, automated, and hyper-targeted phishing campaigns at an unprecedented scale.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- QR code phishing
- malicious QR code
- QR scam
- QR code attack
USAGE NOTE
With the widespread adoption of QR codes, quishing has become an increasingly prevalent and effective method for cybercriminals to bypass traditional email security filters.
DEVELOPERS
Organizations developing technology related to Quishing.
A leading cybersecurity company that provides advanced threat protection, email security, and security awareness training, including defenses against sophisticated phishing attacks like quishing.
Specializes in security awareness training and simulated phishing platforms, equipping organizations to defend against social engineering tactics, including emerging threats like quishing.
Provides comprehensive cybersecurity solutions, including mobile threat prevention and advanced phishing protection that identify and block malicious QR code-based attacks.
Specializes in human-driven phishing defense, providing threat intelligence and security awareness training to help organizations detect and respond to all forms of phishing, including QR code phishing.
Offers cloud-native security services, including secure web gateways and zero-trust access, which inspect and protect against malicious URLs and content, including those distributed via quishing attacks.
Develops endpoint, network, and mobile security solutions that include advanced threat protection, web filtering, and anti-phishing capabilities designed to counter evolving threats like quishing.
A global provider of cybersecurity software and services, offering robust protection for endpoints and mobile devices, capable of detecting and blocking threats associated with malicious QR codes and phishing attempts.
Offers comprehensive, integrated cybersecurity solutions, leveraging global threat intelligence from FortiGuard Labs to protect against advanced phishing techniques, including QR code-based attacks, across endpoints and networks.