Irish Information Security Forum

Quishing: An Emerging Cybersecurity Threat


Quishing. This term, a portmanteau of “QR code” and “phishing,” refers to a type of social engineering attack that uses QR codes to trick victims into revealing sensitive information or downloading malware.


What is Quishing?

Quishing is a form of phishing attack that uses QR codes to lure victims. Cybercriminals create a QR code that appears legitimate, such as one offering a discount or special offer. However, it directs the victim to a fake website controlled by the attacker. Once on the fake website, the victim is prompted to enter sensitive information such as login credentials or credit card information, which is then stolen


How Does Quishing Work?

The attacker creates a QR code that looks legitimate and distributes it through various means such as email, social media, or even physical flyers. When the victim scans the code with their smartphone or other devices, it redirects them to a malicious website or file. In some cases, QR codes may be configured to automatically download malware onto the victim’s device, allowing the attacker to steal sensitive information or take control of the device.


Protecting Yourself from Quishing

It’s important to preview the URL destination before accessing any link on your phone and beaware of obfuscated URLs that are unreadable or shortened. Check if you are being directed to a ‘secure’ site (HTTPS rather than HTTP) especially if you are asked to enter credit card or payment information. Be cautious with QR codes in public places or in the mail. 




If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland



We would like to thank these generous sponsors for their support. 

crowdstrike logo

zscaler logo



Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more


secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy Statement  - Sponsorship  - Cybersecurity News Topics  - Cybersecurity Resources  - Produced by
LinkedIn Twitter