QR Code Phishing Statistics & Quishing Trends: An In-Depth Analysis

Explore the latest QR code phishing statistics and quishing trends. From sophisticated quishing scams to preventive measures, discover real examples and how to protect your organization with security awareness training.

Last Updated: 2026-04-03

2026 QR Code Phishing Trends: In-Depth Analysis of Rising Quishing Statistics

In 2026, QR code phishing has become a significant concern for individuals and businesses. With the increased use of Quick Response (QR) codes for various transactions and information sharing, malicious actors have found a ground for exploiting unsuspecting users.

This blog post explores the latest QR code phishing statistics, shedding light on the scale and sophistication of these scams. We aim to provide readers with a comprehensive understanding of the current landscape of QR code-related fraud, offering insights into the most common tactics used by scammers and their impact on victims.

QR Code Phishing Statistics 2026

These quishing statistics show that 12% of all phishing attacks contained a QR code in 2025. 68% of quishing attacks specifically targeted mobile users in 2025. QR-based phishing emails surged from approximately 47,000 in August to over 249,000 in November 2025 in QR code phishing statistics. >

In 2025, quishing attacks surged significantly, reflecting a broader trend in social engineering tactics. Nearly 90%of these attacks are crafted to steal login credentials and other sensitive data, commonly targeting corporate email systems, cloud storage platforms, and remote access tools. (Source)

The use of AI has made quishing attacks more advanced, allowing cybercriminals to quickly create realistic phishing pages, tailor scams to individual targets, and adjust their methods on the fly. This has made quishing harder to detect and more effective across a wide range of industries.

QR Code Phishing Incidents: A Rising Threat

Image 1: Number of QR code phishing cases reported in June 2023

These quishing statistics show that from June to August 2023, a significant surge in QR code phishing emails was observed — an early signal of what would become a sustained threat through 2025 and into 2026. Systems detected 8,878 such incidents, marking a pivotal shift in cybercriminal tactics. June witnessed the peak of this trend, with 5,063 reported cases.

This spike coincided with a sharp rise in the use of QR codes as phishing payloads, up from just 0.8% in 2021 to 12.4% in 2023, stabilizing at 10.8% in 2024 and reaching 12% of all phishing attacks in 2025. As attackers continue to embed malicious QR codes into emails and printed materials, they exploit users' trust in visual simplicity and mobile-first habits. Linkcpa report

Low Detection and Reporting Rates of QR Code Phishing Attacks

only_36_of_these_incidents_were_accurately_identified_and_reported_by_the_recipients_147ea62a60.jpg — Image 2: Only 36% of QR code phishing attacks were accurately identified.

These QR codes phishing statistics reveal that the low detection and reporting rate is a concerning aspect of these attacks. Only 36% of these incidents were accurately identified and reported by the recipients. This gap in security awareness and preparedness leaves many vulnerable to the risks associated with deceptive QR phishing.

Targeted Industries: The Primary Victims of QR Code Phishing

the_energy_sector_is_the_most_vulnerable_receiving_29_of_over_1_000_malware_infested_qr_code_emails_505937d9ea.jpg — Image 3: The energy sector is the most vulnerable to QR code phishing campaigns.

Analysis reveals that these Quishing campaigns more frequently target certain industries. These quishing statistics underscore that the Energy sector is the most vulnerable, receiving 29% of over 1,000 malware-infested phishing email QR codes. These QR code phishing statistics also show that manufacturing, Insurance, Technology, and Financial Services sectors are also at high risk, indicating a strategic focus by cybercriminals on sectors they perceive as either more lucrative or vulnerable.

QR Codes: A Preferred Tool in Phishing Campaigns

26_of_all_malicious_links_were_embedded_in_qr_codes_highlighting_the_significant_reliance_of_attackers_on_this_method_d72c5d010c.jp.jpg — Image 4: 26% of all malicious links were embedded in all QR codes.

In these phishing campaigns, 26% of all malicious links were embedded in phishing QR code, highlighting the significant reliance of attackers on this method. 2023 marked a 587% increase in Quishing incidents, demonstrating its growing popularity among cybercriminals. Furthermore, QR codes were used in 22% of all phishing attacks during this period, emphasizing their critical role in the phishing landscape.

Projected Growth in QR Code Payment Systems and Associated Risks

By-2025,-global-expenditures-via-QR-code-payments-will-be-projected.jpg.jpg — Image 5: By 2025, global expenditures via QR code payments were projected to exceed $3 trillion.

By 2025, global expenditures via QR code payments will be projected to exceed $3 trillion, a substantial rise from $2.4 trillion in 2022. This growth, especially in markets like India, opens up vast opportunities for fraudulent QR code schemes, presenting a significant challenge in digital security.

Executives Face 42 Times More QR Code Phishing Attacks Than Average Employees (2023)

In 2023, executives experienced 42 times more QR code phishing attacks than the average employee — a figure that updated to 40 times more likely by 2025 as quishing volumes continued to grow. This alarming trend underscores the heightened risk that high-ranking professionals face in the digital landscape. Cybercriminals target executives due to their access to sensitive information and decision-making power within organizations.

Malicious QR Codes Account for Nearly 2% of All Scanned QR Codes

In a recent analysis, it was revealed that nearly 2% of all scanned QR codes were malicious. This quishing statistic highlights the growing threat of QR code phishing, where cybercriminals embed harmful links and malware into seemingly harmless codes. As QR codes become increasingly popular for various applications, the risk of encountering malicious ones rises.

Credential Phishing: Dominant Threat in QR Code Attacks

Credential phishing emerged as the primary threat in QR code attacks, with approximately 89.3% of detected incidents aimed at stealing login information and other sensitive data. This qr code phishing statistic highlights the urgent need for enhanced security measures and awareness to protect valuable credentials from cybercriminals.

Industry Impact: Retail Sector Most Vulnerable to QR Code Phishing

Different industries exhibit varying susceptibility levels to QR code phishing attacks. The retail industry, in particular, had the highest miss rate, indicating that a significant portion of employees struggled to identify and report suspicious QR codes. This quishing statistics the importance of industry-specific training and vigilance to combat the growing threat of QR code phishing.

Key Quishing Statistics and Trends

Here is a numbered list of 69 quishing statistics and trends, compiled from 2026 sources with resources noted:

Over 4.2 million QR code phishing threats were identified in early 2025.
QR-based phishing emails surged from approximately 47,000 in August to over 249,000 in November 2025.
QR phishing attacks increased fivefold in 2025, marking one of the fastest-growing cyber threats.
12% of all phishing attacks contained a QR code in 2025.
99.5 million US users were expected to scan QR codes by 2025.
Fake QR code stickers placed over legitimate ones at 200 store locations caused a 15% drop in legitimate scans and $2.3 million in damage control costs in 2025.
QR code phishing stabilized at around 10.8% of phishing payloads in early 2025, up from 0.8% in 2021.
68% of quishing attacks specifically targeted mobile users in 2025.
C-level executives were 40 times more likely to fall victim to QR code phishing in 2025 (updated from 42x in 2023).
APWG logged 1,003,924 phishing attacks in Q1 2025 with a notable spike in QR-code (“quishing”) lures.
QR code phishing attacks surged 51% in September 2023 vs. Jan-Aug cumulative.
8,878 quishing incidents from June-Aug 2023, peaking at 5,063 in June.
587% increase in quishing incidents in 2023.
QR codes used in 22% of all phishing attacks in 2023.
Global QR code payments projected to exceed $3T by 2025.
Executives face 42x more QR code attacks than average employees.
Nearly 2% of scanned QR codes are malicious.
89.3% of QR attacks aim at credential theft.
Only 36% of QR phishing incidents accurately identified and reported.
Energy sector receives 29% of malware-infested quishing emails.
Retail has the highest miss rate for detecting malicious QR codes.
Security training improves QR phishing detection by 87% in three months.
Average business loss from quishing exceeds $1M per incident.
26% of malicious links embedded in QR codes in phishing campaigns.
Quishing incidents rising 25% year-over-year into 2025.
12% of phishing emails contain QR codes in 2024.
41% of phishing involves multi-channel attacks including quishing.
Malicious QR codes risen by 25% in 2025.
26% of phishing with URL redirects use QR codes.
331% year-over-year increase in QR code phishing campaigns (Cofense data).
Half a million phishing emails with QR in PDFs detected mid-2024.
90% of QR attacks are credential phishing.
27% of quishing uses fake MFA notices.
21% of QR attacks involve fake shared document notifications.
QR scans quadrupled to 41.77M globally by 2025.
12% of quishing hides codes in PDF/JPEG attachments.
56% of quishing emails involve Microsoft 2FA resets.
48.6% of HR/IT phishing emails (often QR-based) are highly effective.
18% of quishing targets online banking pages.
Only 39% of consumers can identify malicious QR codes.
36% of Germans have scanned suspicious QR codes.
20x surge in QR phishing in fall 2023.
QR payloads from 0.8% (2021) to 10.8% (2024).
427% increase in quishing attacks in September 2023.
Malicious QR from 1.8% to 9.5% of scanned in Aug-Sept 2023.
Quishing from 0.4% to 8.8% of malicious incidents in Aug-Sept 2023.
QR codes in 22% of phishing in early Oct 2023.
Engaged employees have 40% miss rate vs. 90% for disengaged.
73% of Americans scan QR without verification.
Over 26M Americans directed to malicious sites via QR.
4/5 top Bitcoin QR generators were scams in 2019.
Non-C-suite VIPs face 5x more attacks.
Attacks widespread in US/Europe, medical, automotive, education, energy, finance.
Use of redirects/open redirects to mask phishing.
Cloudflare Turnstile for human verification in attacks.
Pre-populated victim emails in phishing URLs.
Fake pages reject arbitrary credentials for targeting.
Bypasses legacy security via minimal text/URLs.
Shift to mobile devices lacks protections.
More than half quishing impersonates Microsoft.
Dynamic QR codes evade static scans.
QR redemption to surge to 5.3B in 2025, boosting quishing.
Macro-enabled Excel for QR generation in attacks.
Energy, finance, healthcare, education highest targeted.
SMBs especially vulnerable to quishing.
Nation-state use of QR for RAT distribution.
AI fueling advanced quishing with realistic pages.
Quishing part of 4,151% phishing rise since ChatGPT.
28% increase in real threat reporting in 2022, 13% in 2023, leveling in 2024.

The Need for Enhanced QR Code Security Measures

These statistics on QR code phishing underscore the escalating threat of Quishing. As cybercriminals refine their tactics, staying informed and adopting proactive defense strategies becomes paramount. The rising trend of Quishing is a stark reminder of the persistent and evolving nature of cyber threats like voice phishing attack statistics suggest. Enhanced QR code security measures like quishing simulators are advisable and essential in safeguarding against these sophisticated phishing attacks.

Protect Your Business Against QR Code Phishing Attacks with Keepnet's Quishing Simulator

Keepnet's Quishing Simulator, a sophisticated, cloud-based solution, is designed to evaluate and fortify your defenses against these QR phishing threats. With its extensive range of features, including over 600 ready-to-use templates and customizable scenarios in more than 30 languages, this tool is pivotal in nurturing a security-conscious culture within your organization.

Benefits of Keepnet's Quishing Simulator

Effective Security Awareness Training: Elevate your organization's defenses against QR phishing risks. Reduce the likelihood of financial losses, which can average over $1 million, while potentially achieving significant ROI through improved efficiencies and cost savings.
Enhanced Security Framework: Identify and mitigate risky behaviors to cultivate a robust security culture, effectively countering ongoing QR Code phishing threats.
Elevating Cybersecurity Knowledge: Experience an 87% improvement in employees' ability to identify and report QR Code phishing attacks within just three months.
Mitigating Legal Risks and Maintaining Compliance: Stay compliant with data protection laws to avoid substantial fines and legal complications.
Thorough Regulatory Adherence: Align your organization with GDPR, CCPA, and other relevant regulations.

Watch our Youtube video below and see how we can protect you againts QR code phishing attacks with our QR Code Phishing Simulation software.

Editor's Note: This article was updated on April 3, 2026.

What Teams Should Do Next

QR Code Phishing Trends: In-Depth Analysis of Rising Quishing Statistics becomes harder to stop when users only learn definitions and never practice decisions. The strongest defense is to pair awareness with clear operational habits such as verification, reporting, and escalation rules that people can follow when a message, page, or call feels urgent.

In practice, teams get the best results when they focus on realistic scenarios. Users should know how the attack fits into normal workflows, what signal is easiest to miss, and which response path is safest when they are unsure.

Keepnet teams usually see failure rates drop when the scenario is mapped to a real workflow such as payment approval, login recovery, or document review. What gets missed most often is not the threat label. It is the small trust cue that makes qr code phishing trends: in-depth analysis of rising quishing statistics feel routine.

Keepnet Checklist

Teach the scenario in the context of real business workflows, not as an isolated scam label.
Show users how to verify unusual requests and where to report them quickly.
Measure report quality and response speed alongside failure rates.
Refresh examples so they match current tools, brands, and attacker behavior.

Schedule your 30-minute demo now!

You'll learn how to:

Automate behavior-based security awareness training for employees that over 4 million people trust.

Create realistic QR phishing templates reflecting the latest quishing attack trends.

To create and distribute printed QR code phishing templates to simulate and test employee responses.

Frequently Asked Questions

What is the Recent Increase in QR Code Phishing Attacks?

There has been a significant rise in QR code phishing attacks, with statistics showing over a 270% monthly increase. This trend highlights the growing reliance of cybercriminals on QR codes as a tool for phishing.

What are Quishing Statistics?

Quishing statistics refer to the data and analysis of phishing attacks that utilize QR codes to deceive victims into providing sensitive information or downloading malicious software. In recent years, these attacks have increased, with cybercriminals exploiting the convenience and popularity of QR codes. Quishing statistics encompass various aspects, such as the frequency of attacks, targeted industries, methods used, and the overall impact on cybersecurity. By examining QR code phishing statistics, organizations and individuals can better understand the threat landscape and implement effective measures to safeguard against QR code phishing attacks.

How Prevalent Are QR Code Phishing Attacks in Different Industries?

QR code phishing attacks are becoming increasingly prevalent across various industries. In 2024, sectors like Energy, Manufacturing, and Retail have seen a notable rise in such attacks, with nearly 29% of phishing emails in these industries containing malicious QR codes.

What Percentage of Phishing Attacks Have Involved QR Codes in Recent Years?

The share of phishing attacks involving QR codes has grown dramatically over recent years. In 2021, QR codes appeared in just 0.8% of phishing attempts. By 2023, that figure had jumped to 22% of all phishing attacks. The rate stabilized at 10.8% in early 2024 before rising again to 12% of all phishing attacks in 2025, as attackers increasingly adopted AI-powered quishing techniques. This sustained growth reflects a fundamental shift in attacker behavior — QR codes have become a mainstream phishing payload, not an emerging novelty.

How Effective is Security Awareness Training for QR Code Phishing Attacks?

Security training has proven highly effective against QR code phishing attacks. Organizations utilizing comprehensive training programs have reported up to an 87% improvement in their employees' ability to identify and report these attacks within a few months.

What is the Cost of QR Code Phishing Attacks on Businesses?

QR code phishing attacks can have a substantial financial impact on businesses. On average, companies can incur losses exceeding $1 million due to these attacks. Investing in preventive measures and security training can significantly reduce these potential financial losses.

What Role Does AI Play in Modern Quishing Attacks?

Artificial intelligence has significantly elevated the threat level of QR code phishing. Cybercriminals now use AI to rapidly generate realistic phishing pages, personalize scam content for individual targets, and adapt their tactics in real time — making quishing attacks harder to detect and far more convincing. AI-powered quishing can mirror legitimate brand interfaces with high fidelity, bypass traditional email security filters, and scale attacks across thousands of targets simultaneously. This evolution makes ongoing security awareness training and AI-aware detection tools essential for organizations of all sizes.

Why Do QR Code Phishing Attacks Bypass Traditional Security Filters?

Traditional email security tools are designed to scan text-based URLs and attachments. QR codes present a unique challenge because the malicious link is embedded inside an image — meaning legacy filters cannot read or analyze it directly. Attackers further exploit this blind spot by embedding QR codes inside PDFs, JPEG images, or using dynamic QR codes that change their destination after initial scanning. Additionally, the attack shifts execution to the victim's mobile device, which typically has fewer enterprise security protections than a corporate computer. Only 36% of QR phishing incidents are accurately identified and reported, underscoring how effectively these attacks evade detection.

What Was the Mirai Botnet and How Does It Relate to QR Code Phishing?

While the Mirai botnet (2016) predates QR phishing, it shares a critical lesson: attackers exploit devices with weak or default credentials at massive scale. Mirai hijacked IoT devices using factory-default usernames and passwords to launch DDoS attacks on DNS provider Dyn, temporarily taking down Twitter, Netflix, and The New York Times. Modern quishing attacks follow the same principle — exploiting user trust and default behaviors (in this case, the habit of scanning QR codes without verification) to gain unauthorized access. Both threats underscore that security awareness training and changing default behaviors are the most effective first lines of defense.

How Can Organizations Protect Employees Against QR Code Phishing in 2026?

Organizations can significantly reduce QR phishing risk by implementing a multi-layered defense strategy: (1) Deploy quishing simulation training — security awareness training with realistic QR phishing scenarios improves employee detection rates by up to 87% within three months. (2) Establish clear verification habits — employees should be trained to verify the source of any QR code before scanning, especially those received via email, SMS, or found in unexpected physical locations. (3) Use mobile threat defense (MTD) tools on company devices. (4) Apply network segmentation so that a compromised mobile device cannot reach critical systems. (5) Measure and track report quality and response speed alongside failure rates, and refresh training scenarios regularly to reflect current attacker tactics, brands, and tools. Keepnet's Quishing Simulator offers over 600 ready-to-use templates across 30+ languages to help organizations build this capability efficiently.