
QR Code Phishing (Quishing): The Complete 2026 Guide

Quishing — short for QR code phishing — is a phishing attack in which the malicious link is hidden inside a QR code instead of plain text. Because traditional email security filters parse text, not images, quishing routinely slips past defenses that would have caught the same URL in a normal phishing email. Attacks are growing fast: Keepnet Labs measured a 587% rise in quishing in 2023 (Keepnet Labs, 2026), and by 2025 QR codes appeared in roughly 12% of all phishing attacks (Keepnet Labs, 2026). This guide covers how quishing works, why it is so effective, what real attacks look like in 2026, and exactly how to protect yourself and your organization.

If you are short on time: the single most important control is a URL preview before opening — either via your phone's built-in camera or via a reputation-checking scanner like Is This QR Safe?. That one habit defeats the large majority of quishing campaigns.

What is quishing?

Quishing is phishing where the bait is a QR code. The attacker prints or embeds a QR code that decodes to a malicious URL — usually a credential-harvesting page that mimics a familiar service (Microsoft 365, Google, your bank, USPS, IRS, your employer's VPN). The victim scans the code with their phone, the URL opens, and the rest of the attack plays out exactly like a classic phishing site: credentials are captured, MFA codes are proxied in real time, the attacker logs into the real account.

The crucial trick is the delivery channel. Hiding the URL in an image accomplishes two things at once:

  • It evades text-scanning filters. Most secure email gateways (SEGs) strip URLs and check them against reputation feeds. They do not, by default, OCR every embedded image, and even when they do, attackers use distorted, colorful, or animated QR codes to defeat OCR.
  • It moves the target off the corporate network. The victim opens the URL on a personal phone, which usually has weaker DNS filtering, no enterprise EDR, and no SSO conditional access. By the time the credentials are entered, every corporate control has been bypassed.

Where quishing shows up in the real world

Email-based quishing (the bulk of attacks)

Keepnet Labs telemetry showed QR-based phishing emails climbing from roughly 46,000 in August 2025 to about 250,000 in November — a 5× jump in three months (Keepnet Labs, 2026). The most common pretexts are:

  • MFA / password expiry: “Your Microsoft 365 password expires today. Scan the code to reset.”
  • HR / payroll: “Open your Q4 bonus statement via the QR code below.”
  • Shipping & mail: “Delivery failed — scan to reschedule.”
  • Tax / government: “Outstanding IRS notice — verify identity by QR.”

Public-space quishing

Attackers print QR codes on adhesive labels and place them over real codes in public places:

  • Parking meters and pay stations: the malicious code takes the victim to a fake payment page that captures the credit card. In late 2021 and early 2022, Austin, San Antonio, and Houston all reported stickered meters that pointed to a fraudulent “passportlab.xyz” site, prompting an FBI IC3 advisory (FOX 7 Austin, 2022; KXAN Austin, 2022).
  • Restaurant and retail tables: a sticker over the real menu QR opens a clone of the ordering or payment page that takes payment details but never fulfills the order (FTC Consumer Advice, 2023; NBC News, 2025).
  • Mailers and flyers: physical letters with QR codes promising tax refunds, package redeliveries, or charity donations (FTC Consumer Advice, 2023).

Crypto and payment QR fraud

Crypto wallet addresses are routinely shared as QR codes. Quishing variants either show a sender a QR for the “wrong” address (silently substituting one), or trick a recipient into scanning a payment-request QR that triggers a payment from the recipient rather than to them. Because crypto transactions are irreversible, recovery is essentially impossible.

Why quishing works so well

A few structural factors stack the deck in the attacker's favor:

  • Users do not verify URLs. NordVPN's 2025 survey put the share of Americans scanning QR codes without verifying them at 73%, with more than 26 million estimated to have been steered to malicious sites (CNBC, 2025).
  • Email filters cannot see the URL. The malicious link is rendered inside an image — usually a PNG or PDF attachment — so legacy text-scanning filters cannot inspect it. Cyble's “Scanception” campaign analysis found that nearly 80% of the malicious QR-bearing PDFs had zero VirusTotal detections at first sight (Cyble, 2025), and modern campaigns intentionally distort or fragment the QR to defeat OCR (Help Net Security, 2026).
  • The phone is the weakest link in the chain. Personal mobile devices typically lack the DNS filtering, EDR, and conditional-access controls that protect a corporate laptop. Palo Alto Unit 42 specifically frames QR phishing as “phishing on the edge of the web and mobile” for this reason (Palo Alto Networks Unit 42, 2026).
  • QR codes feel safe. A decade of legitimate use — menus, payments, boarding passes, vaccination certificates — has trained users to scan first and ask questions later.

How to defend yourself

For individuals

  1. Always preview the URL before opening. Both iOS and Android show the destination in a banner. Read it; do not tap.
  2. Use a reputation-checking scanner like Is This QR Safe? for any code you do not already trust. The full step-by-step process is in our guide on how to check whether a QR code is safe.
  3. Treat stickered codes as suspicious by default. If a QR code looks added on rather than printed in place, do not scan it.
  4. Move to passkeys. Phishing-resistant authentication is the only mechanism that meaningfully neutralizes real-time MFA proxying — the technique most quishing kits use.
  5. If you fell for one, act fast. Change the password immediately, freeze the affected card, and watch the account for 30 days.

For organizations

  1. Deploy QR-aware email security. Microsoft Defender for Office 365 now extracts URLs from QR codes embedded in email content and runs them through Safe Links (Microsoft Defender for Office 365, 2024), and Mimecast's URL Protect adds dedicated QR Code Phishing Scan (Mimecast, 2024). Turn QR-OCR features on; do not rely on legacy text-only filters.
  2. Roll out phishing-resistant MFA. Passkeys (FIDO2) or hardware security keys are the only effective control against adversary-in-the-middle proxies.
  3. Run targeted quishing simulations. Generic phishing simulations do not teach QR safety — train the muscle.
  4. Tighten conditional access on personal devices. Block unmanaged devices from authenticating to corporate apps, or require device compliance before SSO succeeds.
  5. Build a clear “I just scanned a bad QR” report path. Make it a one-click button in email and a short URL for physical incidents. Speed matters: a credential captured at 10:00 is often used by 10:30.
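The "read the URL before you tap" habit for individuals and the post-decode URL check that a QR-aware gateway performs (item 1 above) both come down to judging the text a QR code decodes to. The following is an added example, not code from Is This QR Safe? or from any vendor named here: it assumes the QR image has already been decoded to a string by a separate library such as zbar or ZXing, and the allowlist, brand tokens and sample payloads are constructed for illustration.

```python
# Judge the text decoded from a QR code before anyone taps it. Assumes the image
# was already decoded to a string by a QR library (e.g. zbar or ZXing).
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist: hosts where these brands legitimately sign users in.
ALLOWED_LOGIN_HOSTS = {"login.microsoftonline.com", "accounts.google.com"}
BRAND_TOKENS = ("microsoft", "office365", "google", "paypal")
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "is.gd"}
# Digits attackers swap into a brand name to dodge a quick visual check.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "8": "b"})


def registrable(host: str) -> str:
    """Last two labels of the host (adequate here without a public-suffix list)."""
    return ".".join(host.split(".")[-2:])


def triage(payload: str) -> dict:
    """Return {'verdict': 'safe'|'suspicious'|'review', 'reasons': [...]}."""
    parts = urlsplit(payload.strip())
    if parts.scheme not in ("http", "https"):
        # bitcoin:, tel:, intent:, WIFI: and plain text all need a human decision
        return {"verdict": "review", "reasons": [f"non-web scheme: {parts.scheme or 'none'}"]}
    host = (parts.hostname or "").lower()
    reasons = []
    if parts.scheme != "https":
        reasons.append("not https")
    if parts.username is not None:
        reasons.append("user@host trick: text before '@' is not the real host")
    try:
        ipaddress.ip_address(host)
        reasons.append("IP address instead of a domain")
    except ValueError:
        pass
    if "xn--" in host:
        reasons.append("punycode host (possible homoglyph domain)")
    if registrable(host) in SHORTENERS:
        reasons.append("URL shortener hides the destination")
    normalized = host.translate(HOMOGLYPHS).replace("rn", "m")
    if host not in ALLOWED_LOGIN_HOSTS and any(b in normalized for b in BRAND_TOKENS):
        reasons.append("brand name inside a domain the brand does not use")
    return {"verdict": "suspicious" if reasons else "safe", "reasons": reasons}


if __name__ == "__main__":  # constructed sample payloads, not real indicators
    for p in ("https://login.microsoftonline.com/reset", "https://micros0ft-login.xyz/auth",
              "http://192.0.2.10/pay", "bitcoin:bc1qexampleaddress?amount=0.5"):
        print(p, "->", triage(p))
```

A "review" verdict is deliberate for payment and Wi-Fi payloads: the crypto substitution fraud described earlier cannot be caught by URL heuristics, so those codes should be confirmed out of band rather than auto-approved.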

Quishing statistics at a glance

  • Quishing rose 587% in 2023 (Keepnet Labs, 2026).
  • QR codes appeared in roughly 12% of all phishing attacks in 2025 (Keepnet Labs, 2026).
  • Palo Alto Unit 42 telemetry averages more than 11,000 malicious QR detections per day (Palo Alto Networks Unit 42, 2026).
  • Cyble's Scanception research found ~80% of analyzed QR-bearing phishing PDFs had zero VirusTotal detections at first sight (Cyble, 2025).
  • 73% of Americans scan QR codes without verification per NordVPN/CNBC (CNBC, 2025).

Full breakdown in our Quishing Statistics 2026 article.

Frequently asked questions

How is quishing different from regular phishing?
Regular phishing puts the malicious URL in plain text inside an email body or SMS. Quishing hides the URL inside a QR code image, so text-based email security filters cannot scan it. The end goal — credential theft, malware, or fraud — is identical; the delivery vector is what changes.
How fast is quishing growing?
Keepnet Labs measured a 587% rise in quishing in 2023, and by 2025 QR codes appeared in roughly 12% of all phishing attacks. Palo Alto Networks Unit 42 telemetry averages more than 11,000 malicious QR detections per day.
Are quishing attacks targeted or mass?
Both. Mass quishing campaigns spray fake Microsoft 365 login codes to corporate inboxes; targeted campaigns customize the QR landing page to match a specific company brand. Public-space quishing (parking, restaurants) is opportunistic and untargeted.
Can a QR code install malware automatically?
No. Scanning by itself only decodes a URL. Malware enters when the destination page abuses a browser exploit, tricks the user into installing an app, or lures the victim into entering credentials that are later used for account takeover.
Does multi-factor authentication stop quishing?
It helps but is not a complete defense. Adversary-in-the-middle (AiTM) phishing kits can proxy MFA codes in real time. Phishing-resistant authentication — passkeys or hardware security keys — is what actually stops modern quishing campaigns.

Sources

  1. Keepnet Labs: QR Code Phishing Statistics & Quishing Trends (2026).
  2. Acronis: The Blind Spot in Your SEG: Why QR Code Phishing Is the New 2026 Battlefield (2026).
  3. Palo Alto Networks Unit 42: Phishing on the Edge of the Web and Mobile Using QR Codes (2026).
  4. Cyble: Scanception: A QRiosity-Driven Phishing Campaign (2025).
  5. CNBC: "Quishing" scams dupe millions of Americans as cybercriminals turn the QR code bad (2025).
  6. Help Net Security: QR codes are getting colorful, fancy, and dangerous (2026).
  7. FOX 7 Austin: Fraudulent QR code stickers found on 29 Austin public parking meters (2022).
  8. FTC Consumer Advice: Scammers hide harmful links in QR codes to steal your information (2023).
  9. Microsoft Defender for Office 365: Protect your organizations against QR code phishing with Defender for Office 365 (2024).
