FBI Warns About QR Code Phishing Threats

The FBI has recently cautioned about a rising trend of cyber threats where QR codes are being exploited for espionage. Specifically, a group of hackers believed to be backed by the North Korean government is using a technique known as “kissing” to target individuals in the United States.

The method is quite straightforward. When someone scans a deceptive QR code, they can be redirected to a harmful website. This allows attackers to compromise login details, install malware, or gather sensitive data from the victim’s device.

Understanding the ‘Kissing’ Technique

“Kissing” is short for QR code phishing. Instead of clicking on dubious email links, victims are tricked into scanning QR codes that mask the actual destination. While QR codes themselves are safe, the risks lie in what those codes link to. Unsuspecting users may be sent to fake login pages or malware downloads. QR codes’ convenience makes them a prime target for such attacks, as many people scan them without a second thought.

Who is Behind the Attacks?

This troubling activity is linked to a hacker collective known as Kimsuky, which has a history as North Korea’s cyber espionage unit. The FBI noted that these QR code attacks emerged around May 2025. In one instance, an attacker impersonated a foreign policy consultant, sending a QR code in an email to a think tank leader. Scanning the code led victims to a malicious site designed to harvest sensitive information.

The Consequences of Scanning

Upon visiting these harmful sites, users may face several threats. Some pages prompt users to download files laced with malware. Others mimic login portals for popular platforms like Okta or Microsoft 365. Even if users don’t provide their details, these sites can still capture information about their devices, including IP addresses and browser types, helping attackers to build profiles of their targets.

Why These Phishing Attacks are Specific

The FBI has described these phishing campaigns as “spear phishing” rather than broad spam efforts. This means the emails are personalized; language and context are tweaked to seem legitimate and trustworthy. This targeting makes such attacks especially risky for professionals and those involved in sensitive areas like policy and technology.

Increase in QR Code Phishing Threats

QR codes have become ubiquitous, appearing in restaurants, ads, and various services. Their increasing use presents more opportunities for malicious actors, as people are often conditioned to scan without hesitation. Thus, remaining vigilant is crucial.

Protecting Yourself from QR Code Phishing

The FBI recommends a few strategies to protect against these threats:

1. Be Cautious of Unexpected QR Codes

Treat QR codes similarly to email links. If you didn’t expect one, it’s probably best not to scan it. QR codes sent through messages or emails are common entry points for these phishing schemes, preying on user curiosity.

2. Verify the Source

Ensure you know who sent the QR code. If it’s supposedly from a colleague or organization, reach out via a separate communication channel for confirmation before scanning.

3. Avoid Entering Login Information

QR code phishing typically leads to imitation login pages designed to capture usernames and passwords. If a scan directs you to a login page, it’s safest to close it and manually navigate to the site instead.

4. Carefully Check URLs

Once the QR code opens a webpage, examine the address bar for irregularities. Misspelled words or strange endings can be indicators of a malicious site.

5. Use Reliable Antivirus Software

Effective antivirus solutions provide an additional layer of security against these threats. They can block known phishing sites and stop harmful downloads, which is especially important for mobile devices.

6. Consider Data Deletion Services

Some malicious sites can collect device information without user interaction. Data deletion services help limit personal data exposure online, making it harder for scammers to craft targeted attacks.

7. Avoid Downloading from QR Codes

Steer clear of downloading files from QR code links unless you are confident in their safety. Malware from QR codes can deploy spyware or remote access programs without alerting the user.

Key Takeaways

While QR codes offer convenience, they can also lead to serious security threats. As highlighted by the FBI’s warning, cybercriminals are evolving their tactics and using familiar tools in increasingly dangerous ways. A moment of caution can save you from potential harm.