FBI warns QR code phishing used in North Korean cyber spying

The Federal Bureau of Investigation has issued a informing astir a increasing cyber menace that turns mundane QR codes into spying tools.

According to the bureau, a North Korean government-sponsored hacking radical is utilizing a maneuver known arsenic quishing to people radical successful the United States. 

The extremity is simple. Trick you into scanning a QR codification that sends you to a malicious website. From there, attackers tin bargain login credentials, instal malware oregon softly cod instrumentality data.

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – escaped erstwhile you articulation my CYBERGUY.COM newsletter.

WHATSAPP WEB MALWARE SPREADS BANKING TROJAN AUTOMATICALLY

The FBI is informing Americans astir a increasing cyber menace that uses QR codes to bargain information and spy connected victims, tying the attacks to a North Korean hacking group. (Photo by Kevin Carter/Getty Images)

What quishing is and wherefore it works

Quishing is abbreviated for QR codification phishing. Instead of clicking a suspicious nexus successful an email, the unfortunate scans a QR codification that hides the existent destination. QR codes themselves are harmless. The information lies successful the nexus embedded wrong them. Once scanned, the nexus tin redirect users to fake login pages, malware downloads oregon tracking sites. Because QR codes consciousness acquainted and fast, galore radical scan them without reasoning twice. That divided 2nd of spot is precisely what attackers trust on.

Who is down the attacks

The FBI says the enactment is tied to a hacking radical known arsenic Kimsuky. The radical has operated for years arsenic a cyber espionage limb for North Korea. What is caller is the transportation method. According to the FBI, the QR code-based attacks began successful May 2025. In 1 example, attackers posed arsenic a overseas argumentation advisor and emailed a deliberation vessel person with a QR codification that linked to a fake questionnaire. Scanning the codification sent the unfortunate to a malicious tract designed to harvest information.

What happens aft you scan the QR code

Once a unfortunate lands connected 1 of these sites, respective things tin happen. Some pages punctual users to download files that incorporate malware. Others mimic mobile login portals for fashionable services specified arsenic Okta, Microsoft 365 oregon VPN services. Even if nary signifier is filled out, the tract tin inactive cod instrumentality details. That includes IP address, operating system, browser benignant and approximate location. Over time, that information helps attackers physique quality profiles connected their targets.

Why QR codification phishing attacks are highly targeted

The FBI describes these campaigns arsenic spear phishing alternatively than wide spam. That means the emails are crafted for circumstantial individuals. The connection discourse and sender details are tailored to look applicable and credible. When an email feels personal, radical are much apt to spot it. That is wherefore these attacks are particularly unsafe for professionals, researchers, executives and anyone moving successful argumentation oregon technology.

Why QR codification phishing threats are growing

QR codes are everyplace now. Restaurants, parking meters, lawsuit tickets and ads each trust connected them. As their usage grows, truthful does the accidental for abuse. Attackers cognize radical are conditioned to scan without hesitation. That makes caution much important than ever.

Ways to enactment harmless from QR codification phishing

The FBI says 1 of the champion defenses against quishing is slowing down. QR codes region the ocular clues radical trust on, truthful a fewer other checks tin marque a large difference.

1) Be cautious with unexpected QR codes

Treat QR codes similar links successful emails. If you did not expect it, bash not scan it. QR codes sent by email, substance oregon messaging apps are a communal introduction constituent for quishing attacks. Criminals trust connected curiosity and urgency to propulsion you into scanning without thinking.

2) Verify the root earlier scanning

Always corroborate who sent the QR code. If a connection claims to travel from a coworker, vendor oregon organization, scope retired done a abstracted transmission earlier scanning. A speedy telephone oregon nonstop connection tin halt a phishing effort cold.

JANUARY SCAMS SURGE: WHY FRAUD SPIKES AT THE START OF THE YEAR

Federal investigators accidental hackers are utilizing "quishing," oregon QR codification phishing, to lure victims to malicious websites that bargain credentials and instrumentality data. (Jens Schlueter/Getty Images)

3) Never participate logins aft scanning a QR code

QR codification phishing often leads to fake mobile login pages. Attackers mimic sign-in screens for email, VPNs and unreality services to bargain usernames and passwords. If a QR codification takes you to a login page, adjacent it and sojourn the tract manually instead.

4) Inspect the website URL carefully

Once a QR codification opens a page, cheque the code bar. Look for misspellings, other words oregon unfamiliar domain endings. A unusual URL is often the lone informing motion that the tract is malicious.

5) Use beardown antivirus bundle for QR-based threats

Strong antivirus bundle adds an other furniture of extortion against quishing. Security tools tin artifact known phishing sites, halt malicious downloads and pass you earlier harmful pages load. This is particularly important connected mobile devices, wherever QR codes are astir often scanned.

The champion mode to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information, is to person beardown antivirus bundle installed connected each your devices. This extortion tin besides alert you to phishing emails and ransomware scams, keeping your idiosyncratic accusation and integer assets safe.

Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

6) Use a information removal work to bounds exposure

Some quishing sites cod instrumentality and determination information adjacent if you bash nothing. A information removal work helps trim however overmuch idiosyncratic accusation is publically disposable online. That makes it harder for attackers to people you with convincing spear phishing emails that see QR codes.

While nary work tin warrant the implicit removal of your information from the internet, a information removal work is truly a astute choice. They aren't cheap, and neither is your privacy. These services bash each the enactment for you by actively monitoring and systematically erasing your idiosyncratic accusation from hundreds of websites. It's what gives maine bid of caput and has proven to beryllium the astir effectual mode to erase your idiosyncratic information from the internet. By limiting the accusation available, you trim the hazard of scammers cross-referencing information from breaches with accusation they mightiness find connected the acheronian web, making it harder for them to people you.

Check retired my apical picks for data removal services and get a free scan to find retired if your idiosyncratic accusation is already retired connected the web by visiting Cyberguy.com.

Get a escaped scan to find retired if your idiosyncratic accusation is already retired connected the web: Cyberguy.com.

7) Avoid QR codification downloads entirely

Do not download files from QR codification links unless you are perfectly definite they are safe. Malware delivered done QR codes tin softly instal spyware oregon distant entree tools without evident informing signs.

INSTAGRAM PASSWORD RESET SURGE: PROTECT YOUR ACCOUNT

A North Korea-linked cyber radical is targeting U.S. professionals by embedding harmful links wrong seemingly harmless QR codes, according to the FBI. (Jaap Arriens/NurPhoto via Getty Images)

Kurt's cardinal takeaways

QR codes are convenient, but convenience tin little defenses. As this FBI informing shows, attackers are evolving and utilizing acquainted tools successful unsafe ways. A infinitesimal of verification tin forestall weeks oregon months of damage.

When was the past clip you stopped to question a QR codification earlier scanning it? Let america cognize by penning to america at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide – escaped erstwhile you articulation my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com.  All rights reserved.