Phishing Surges on the Back of QR Codes

New research published by the Anti-Phishing Working Group (APWG) shows that phishing attempts have surged to levels not seen since late 2023.

QR codes are increasingly the attack vector of choice.  Each day, millions of emails are sent containing QR codes that lead consumers to phishing sites and malware. 

Q1 Lowlights

·         APWG observed a total of 1,003,924 phishing attacks in the first quarter of 2025 - the largest number of attacks per quarter since late 2023. 

·         Attacks against the online payment and financial sectors grew in Q1 2025, comprising 30.9% of all attacks. 

·         The total number of wire transfer Business Email Compromise (BEC) attacks increased by 33% in Q1 2025 compared to the previous quarter. 

Most Targeted Industries

The SaaS/Webmail sector was the most targeted industry by cyber attackers in Q1 2025, making up almost 18% of the total attack volume. The financial industry also continues to be a highly attractive sector for cyber threat attackers, with Payment, Banking, and Crypto contributing to approximately 33% of all phishing attacks in Q1 2025. 

QR Codes Popular

QR code attacks occur when an adversary leverages QR codes to social engineer a user, such as redirecting a victim to a phishing website or to download a malicious attachment. QR codes are becoming an increasingly popular phishing tactic due to the various features they offer. Cyber attackers have been observed taking advantage of QR code features in the following ways:  

·         The availability of free QR code generators facilitates phishing attacks due to decreased financial costs of infrastructure, and free services tend to have less resources dedicated to takedowns of legitimate service abuse and other malicious activity.  

·         Attackers can combine QR codes with URL shorteners to obscure the true destination of the URL and thereby direct victims to malicious sites.  

Certain industries tend to be more prone to QR code attacks, such as Retail & Wholesale, as consumers have adapted to relying on QR codes to access these services. 

Burgeoning BEC  

APWG member Fortra tracks the identity theft technique known as “business e-mail compromise” (BEC).  BEC was responsible for A$4.3B in losses in 2024 according to the IC3. In a BEC attack, a threat actor impersonates an employee, vendor, or other trusted party in an email communication and attempts to trick an employee into sending money, privileged information, or some other asset.  

·         During the first quarter of 2025, gift card scams were once again the most popular scam type, making up more than half the total number of attacks.  

·         The total number of wire transfer BEC attacks observed by Fortra in Q1 2025 increased by 33% compared to the previous quarter. 

·         The average amount requested in wire transfer BEC attacks in Q1 2025 was A$65,000.

·         72% of BEC attacks in Q1 2025 were launched using a free webmail domain.  

·         Remcos RAT was the most common malware payload Fortra observed in Q1 2025.

Protection Against Phishing

Our SFT Threat Protection Bundle enables your organisation’s email system to automatically detect and prevent phishing links and other malware from entering your organisation. Combining the layered strengths of GoAnywhere MFT and Clearswift, it means your team can receive and share information securely, without impairing their productivity.

Seamlessly integrating managed file transfer with advanced threat protection and adaptive data loss prevention, SFT Threat Protection not only prevents malware from entering your organisation, but it also prevents employees from losing or mishandling data.

For example, if an employee knowingly –– or unknowingly –– attempts to share any files containing malware, those files are sanitised by having the malicious elements automatically removed.

It can also automatically detect and –– if you configure it to do so –– prevent employees from sharing sensitive information.

Local Help on Hand

Generic Systems Australia has decades of experience helping Australian and New Zealand organisations protect themselves against phishing and other cyber attacks by leveraging the power of the world’s leading MFT solution. Our Migration Service makes the transition even easier for organisations who prefer to use their resources building their businesses rather than improving their IT plumbing.

If you’d like a no-cost, no-obligation discussion about how we could help you simply and affordably adopt an advanced MFT solution, please feel welcome to get in touch with us.

At Generic Systems Australia, we’re your local experts in Secure Managed File Transfer.