Kaspersky Study: 430% More Quishing Attacks in Just 3 Months
Kaspersky reports dramatic increase in QR code phishing: From August to November 2025, malicious QR codes in emails rose from 47,000 to 250,000 cases. PDF attachments and mobile devices are the main targets.
Alarming Numbers: 430% Increase in 3 Months
According to Kaspersky, the number of malicious QR codes in emails increased from 46,969 to 249,723 detected cases between August and November 2025 – more than a fivefold increase.
Quishing: The Underestimated Threat
Russian cybersecurity firm Kaspersky has documented a dramatic increase in QR code phishing (quishing) in a recent study. The numbers are alarming: between August and November 2025, the number of malicious QR codes in emails increased by more than 430 percent.
"Malicious QR codes have become a particularly effective phishing tool in 2025," explains Roman Dedenok, Anti-Spam Expert at Kaspersky. The reasons for this are varied – and should alert every internet user.
The Perfidious Attack Patterns of Cybercriminals
The Kaspersky study shows that cybercriminals are continuously refining their tactics. The most common attack patterns:
Fake Login Pages
QR codes lead to deceptively real copies of Microsoft login pages or internal company portals.
Fake HR Communications
Emails about vacation plans, layoffs, or salary changes with QR codes leading to phishing sites.
Fake Invoices + Vishing
Fake invoices with QR codes, combined with phone contact attempts (Voice Phishing).
The PDF Trap: How Attackers Bypass Security Filters
Particularly perfidious: cybercriminals are increasingly embedding their malicious QR codes in PDF attachments. This strategy has two key advantages for attackers:
- Professional Impression: PDF documents create the impression of business correspondence and increase recipient trust.
- Bypassing Security Filters: Many email security systems cannot analyze QR codes in PDF documents – the malicious links remain undetected.
Why Smartphones Are the Main Target
The real target of attackers are mobile devices. The reason: smartphones are typically much less protected than corporate computers.
Vulnerabilities of Mobile Devices:
Kaspersky Recommends: How to Protect Yourself
- Check Attachments: Do not open PDF attachments from unknown senders – especially if they contain QR codes.
- Check URLs: After scanning, check the URL for typos or suspicious domains before visiting the page.
- Multi-Factor Authentication: Enable MFA for all important accounts – even if login credentials are stolen, this provides additional protection.
- Security Solutions: Use comprehensive security solutions that can also check QR codes for phishing.
QRTrust: The Answer to the Quishing Epidemic
The Kaspersky study confirms what QRTrust has been preaching since its founding: QR codes are a massive attack vector that requires specialized security solutions. While conventional email filters cannot detect QR codes in PDFs, QRTrust provides proactive protection.
How QRTrust Protects Against Quishing:
- 6-layer security analysis against PhishTank, Google Safe Browsing, and proprietary AI
- Real-time warning BEFORE you visit the URL
- Redirect tracking: detects hidden redirects to phishing sites
- 100% GDPR compliant – data is only processed in Germany
Conclusion: Quishing is the #1 Threat in 2025
The Kaspersky numbers speak clearly: with an increase of over 430% in just three months, quishing is no longer a fringe phenomenon but one of the greatest cyber threats of our time. The combination of PDF disguise, mobile focus, and increasingly sophisticated attack methods makes it clear: without specialized protection solutions like QRTrust, businesses and individuals are at the mercy of attackers.
The good news: with the right tools and a trained eye, the danger can be significantly reduced. Never scan a QR code without checking it first.
Sources
- datensicherheit.de: "Quishing: Kaspersky reports significant increase in QR code phishing" →
- • Kaspersky Security Report 2025
*About QRTrust: QRTrust is Germany's first QR code security platform, developed in Dortmund. With AI-powered real-time detection, QRTrust protects citizens and businesses from quishing attacks. 100% GDPR compliant, hosted in Germany.*