QRishing

Short Description: Phishing variant employing QR codes^[1]^[2].

CAT ID: CAT-2024-011

Layer: 8

Operational Scale: Tactical

Level of Maturity: In Common Use

Category: TTP

Subcategory:

Also Known As: Quishing

Description:

Closely Related Concepts:

Mechanism:

Multipliers: Mobile device users have been found to be more likely to click on masked links compared to traditional computing systems ^[3]

Detailed Description: Threat actors create QR codes that redirect to malicious sites impersonating legitimate sites^[4].

INTERACTIONS [VETs]: Misdirection-Distraction (Exploit, CAT-2022-014)

Use Case Example(s):

Example(s) From The Wild:

↑ Schlienger, T., Teufel, S., & Wolff, C. (2013). QRishing: The susceptibility of smartphone users to QR code phishing attacks. In M. Bezzi, P. Dupré, & D. Naccache (Eds.), Emerging Security Information, Systems and Technologies (pp. 80-87). Springer. https://doi.org/10.1007/978-3-642-41320-9_4
↑ Vidas, T., Owusu, E., Wang, S., Zeng, C., Cranor, L. F., & Christin, N. (2013). QRishing: The susceptibility of smartphone users to QR code phishing attacks. In Financial Cryptography and Data Security: FC 2013 Workshops, USEC and WAHC 2013, Okinawa, Japan, April 1, 2013, Revised Selected Papers 17 (pp. 52-69). Springer Berlin Heidelberg. https://kilthub.cmu.edu/articles/journal_contribution/QRishing_The_Susceptibility_of_Smartphone_Users_to_QR_Code_Phishing_Attacks_CMU-CyLab-12-022_/6468011?file=11896547
↑ Almukaynizi, M., Redmiles, E. M., & Rader, E. (2023). What you see is not what you get: The role of email presentation in phishing susceptibility. Proceedings of the ACM on Human-Computer Interaction, 7(CSCW1), Article 2. https://doi.org/10.1145/3579618
↑ https://blog.knowbe4.com/qr-code-phishing-is-growing-more-sophisticated