从8月到2025年11月, 使用恶意QR码的钓鱼攻击事件翻了五番, 利用假邮件和PDF欺骗用户窃取证件。 Phishing attacks using malicious QR codes surged fivefold from Aug to Nov 2025, tricking users via fake emails and PDFs to steal credentials.

Kaspersky报告说,从2025年8月至11月,使用恶意QR代码的钓鱼袭击增加了五倍,检测从46 969起增至249 723起。 Kaspersky reported a fivefold surge in phishing attacks using malicious QR codes from August to November 2025, with detections rising from 46,969 to 249,723. 网络罪犯将这些代码嵌入假电子邮件和PDF, 装作像HR通知或发票等常规信息, 通过移动设备窃取证书。 Cybercriminals are embedding these codes in fake emails and PDFs, posing as routine messages like HR notices or invoices, to steal credentials via mobile devices. 这些袭击绕过传统的电子邮件安全,往往与防线相结合,利用扫描QR码的方便程度。 The attacks bypass traditional email security, often combined with vishing, and exploit the ease of scanning QR codes. Kaspersky警告各组织,如果没有先进的检测工具和用户培训,它们仍然很脆弱,敦促改进安全措施,防止数据破坏和财务损失。 Kaspersky warns organizations remain vulnerable without advanced detection tools and user training, urging improved security measures to prevent data breaches and financial loss.