A recent Unit 42threat analysis highlights a significant and growing threat vector: QR codes weaponized for phishing and malware delivery . While QR codes were originally introduced as a simple way to encode and share URLs or other data, attackers have learned to exploit their ubiquity and inherent trust to lure users into malicious interactions. Because QR codes embed encoded URLs that traditional security tools often cannot inspect, they allow attackers to bypass standard email and URL filters and redirect victims directly to credential-harvesting pages or malicious downloads. In the aforementioned report, daily detections of QR codes include tens of thousands of instances —with an estimated 15% of scanned QR pages leading to malicious destinations —underscoring the scale and persistence of this threat. This is aligned withZimperium telemetry, where we see a steady flow of phishing threats coming fromQR code scans.