QR Code Tricksters: New Phishing Tactics Unveiled by Barracuda Researchers

Barracuda Networks researchers have spotted quishing techniques with malicious QR codes. One involves splitting a QR code into separate images, while another nests a malicious code within a legitimate one. These cunning tactics make quishing a real head-scratcher, proving that even QR codes can have a split personality or a secret identity!

3P
Published: August 20, 2025 12:51 pmAdded: August 20, 2025 at 6:21 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Quishing: The new sushi for cybercriminals! Who knew QR codes could be so devilishly delicious? These digital tricksters are slicing and dicing QR codes like they’re prepping for a MasterChef finale, all to whet the appetites of phishing aficionados. With the emergence of sneaky split and nested QR codes, it seems even cybercriminals have taken a page from a magician’s playbook—now you see it, now you don’t!

Key Points:

  • Gabagool and Tycoon PhaaS kits are using innovative QR code phishing techniques.
  • QR code splitting involves embedding two separate images in emails to evade detection.
  • QR code nesting incorporates a malicious QR within a legitimate one.
  • Traditional email security systems struggle to detect these novel quishing tactics.
  • Barracuda suggests multimodal AI-powered email protection against these threats.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?