Author: Pieter Nel

Threat actors are constantly finding new and innovative ways to compromise systems, and the latest technique is “quishing.” Quishing – short for QR code phishing – leverages the growing use of QR codes in workplace communication to bypass traditional phishing defenses. Sophos recently released research from its X-Ops team highlighting how these attacks are growing in sophistication and frequency, including in South Africa. What is Quishing? Quishing attacks involve embedding fraudulent QR codes in PDF attachments sent via email. These codes are designed to appear legitimate, often disguised as important business documents related to payroll, employee benefits, or other HR-related…