A new report shows QR code phishing is on the rise

Marielle Ursua via Unsplash

The Q3 2024 Phishing Report from KnowBe4 unveils the email subjects most commonly clicked in simulated phishing exercises.

According to the report, there was an increase in phishing campaigns that utilized QR codes. Common QR code phishing email subjects included DocuSign emails to sign an urgent document, Zoom meeting invitations and HR reminders for policy reviews. Since these emails often mimic HR, colleague, or external vendor correspondence, they can be easily replicated by threat actors. These pose a notable risk, as HR and IT-related phishing emails have 48.6% of global, most-clicked phishing types.

Furthermore, the report highlights the continued threat of phishing emails with malicious links embedded, as these persist as the primary attack vector of choice. The malicious links may include PDF attachments and spoofed domains, and when interacted with, can lead to cyberattacks such as ransomware and business email compromise (BEC).

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.