**FBI Warns of QR Code Phishing Used by North Korean Cyber Spies**

The Federal Bureau of Investigation has issued a warning about a growing cyber threat that turns everyday QR codes into spying tools, used by a North Korean government-sponsored hacking group. The tactic, known as "quishing," involves tricking victims into scanning a QR code that sends them to a malicious website, where attackers can steal login credentials, install malware or collect device data.

Quishing is short for QR code phishing. Instead of clicking a suspicious link in an email, the victim scans a QR code that hides the real destination. QR codes themselves are harmless; the danger lies in the link embedded inside them. Once scanned, the link can redirect users to fake login pages, malware downloads or tracking sites.

The FBI says the activity is tied to a hacking group known as Kimsuky, which has operated for years as a cyber espionage arm for North Korea. The QR code-based attacks began in May 2025 and have been targeting people in the United States. In one example, attackers posed as a foreign policy advisor and emailed a think tank leader with a QR code that linked to a fake questionnaire.

Once a victim lands on one of these sites, several things can happen. Some pages prompt users to download files that contain malware. Others mimic mobile login portals for popular services such as Okta, Microsoft 365 or VPN services. Even if no form is filled out, the site can still collect device details, including IP address, operating system, browser type and approximate location.

The FBI describes these campaigns as spear phishing rather than mass spam, meaning the emails are crafted for specific individuals. The language context and sender details are tailored to look relevant and credible, making them especially dangerous for professionals, researchers, executives and anyone working in policy or technology.

**Why QR Code Phishing Threats Are Growing**

QR codes are everywhere now – restaurants, parking meters, event tickets, and ads all rely on them. As their use grows, so does the opportunity for abuse. Attackers know people are conditioned to scan without hesitation, making caution more important than ever.

**Ways to Stay Safe from QR Code Phishing**

1. **Be cautious with unexpected QR codes**: Treat QR codes like links in emails. If you did not expect it, do not scan it. 2. **Verify the source before scanning**: Always confirm who sent the QR code. If a message claims to come from a coworker, vendor or organization, reach out through a separate channel before scanning. 3. **Never enter logins after scanning a QR code**: QR code phishing often leads to fake mobile login pages. Attackers mimic sign-in screens for email, VPNs and cloud services to steal usernames and passwords. 4. **Inspect the website URL carefully**: Once a QR code opens a page, check the address bar. Look for misspellings, extra words or unfamiliar domain endings. 5. **Use strong antivirus software for QR-based threats**: Strong antivirus software adds an extra layer of protection against quishing. Security tools can block known phishing sites, stop malicious downloads and warn you before harmful pages load. 6. **Use a data removal service to limit exposure**: Some quishing sites collect device and location data even if you do nothing. A data removal service helps reduce how much personal information is publicly available online. 7. **Avoid QR code downloads entirely**: Do not download files from QR code links unless you are absolutely certain they are safe.

**The Best Way to Safeguard Yourself**

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

**Stay Safe Online**

These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet.

By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.