QRishing

Short Description: Phishing variant employing QR codes^[1].

CAT ID: CAT-2024-011

Layer: 8

Operational Scale: Tactical

Level of Maturity: In Common Use

Category: TTP

Subcategory:

Also Known As: Quishing

Description:

Closely Related Concepts:

Mechanism:

Multipliers: Mobile device users have been found to be more likely to click on masked links compared to traditional computing systems ^[2]

Detailed Description: Threat actors create QR codes that redirect to malicious sites impersonating legitimate sites^[3].

INTERACTIONS [VETs]: Misdirection-Distraction (Exploit, CAT-2022-014)

Use Case Example(s):

Example(s) From The Wild:

↑ Schlienger, T., Teufel, S., & Wolff, C. (2013). QRishing: The susceptibility of smartphone users to QR code phishing attacks. In M. Bezzi, P. Dupré, & D. Naccache (Eds.), Emerging Security Information, Systems and Technologies (pp. 80-87). Springer. https://doi.org/10.1007/978-3-642-41320-9_4
↑ Almukaynizi, M., Redmiles, E. M., & Rader, E. (2023). What you see is not what you get: The role of email presentation in phishing susceptibility. Proceedings of the ACM on Human-Computer Interaction, 7(CSCW1), Article 2. https://doi.org/10.1145/3579618
↑ https://blog.knowbe4.com/qr-code-phishing-is-growing-more-sophisticated