Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Warning: “Fancy” QR Codes Are Making Quishing More Dangerous

    KnowBe4 Team | Jan 23, 2026

    QR Code PhishingScammers are increasingly using visually stylized QR codes to deliver phishing links, Help Net Security reports.

    QR code phishing (quishing) is already more difficult to detect, since these codes deliver links without a visible URL. Attackers are now using QR codes with colors, shapes, and logos woven into the code’s pattern.

    “Fancy QR codes further complicate detection,” Help Net Security says. “Their layouts no longer resemble the familiar black and white grid. Logos appear in the center. Modules become rounded, stretched, or recolored. Background images blend into the code. These design changes preserve scan success while disrupting visual and structural assumptions used by existing detection tools.”

    Help Net Security cites a report from Deakin University that looked at these “fancy” QR codes, in which the researchers noted that these “artistic and aesthetic QR codes are created by blending an image with black-white QR code where their modules are almost unidentifiable to [the] human eye.”

    Quishing is also a threat because people usually scan them with their phones, bypassing any security defenses their employer might have on their work computers. These codes can also be placed as stickers in physical locations.

    “According to reporting by NordVPN, 73% of Americans scan QR codes without verifying the destination, and more than 26 million users have been redirected to malicious websites,” Help Net Security writes.

    “In 2025, the U.S. Federal Trade Commission warned consumers that QR codes on unexpected packages should be treated as suspicious. New York City’s Department of Transportation issued a similar warning after discovering fraudulent QR codes placed on parking meters.”

    AI-powered security awareness training can give your organization an essential layer of defense against phishing attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

    Help Net Security has the story.

     

    Return To KnowBe4 Security Blog

    Free QR Code Phishing Security Test

    Did you know dynamic QR code scans increased 433% globally from 2021 to 2022? Try our free QR Code Phishing Security Test to identify users that are most susceptible to these types of attacks so you can train them to think twice before scanning QR codes and build a stronger security culture.

    Monitor-QRT-2Here's how it works:

    • Immediately start your test for up to 100 users (no need to talk to a person)
    • Select from 35 languages and choose one of 3 templates
    • Choose from a “red flags missed” or a “404 error” landing page
    • Get a PDF emailed to you in 24 hours with your Phish-prone Percentage

    Go Phishing Now!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/qr-code-phishing-security-test

    Topics: Social Engineering, Human Risk Management, Quishing

    KnowBe4 Team

    ABOUT KNOWBE4 TEAM

    The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk best practices, compliance strategies and industry research to help organizations strengthen their human defense layer and stay informed, resilient, and secure.

    Read more from KnowBe4 »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Gartner Magic Quadrant
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest insights, trends and security news. Subscribe to CyberheistNews.