From 2021 to 2025, dynamic QR codes generated by users accumulated a total of 7,181,345 QR code global scans, a 433% increase since 2021. QR code is rapidly being adopted since COVID from information retrival to a payment method . Human eyes can’t see the URL or action encoded in the QR code. Threat actors can easily replace legitimate QR codes with malicious ones that lure users into credential theft, financial fraud, and malware downloads.
phishing via QR codes aka Qishing is rapidly becoming a high-risk threat vector, especially in regulated industries where user trust, secure access, and data protection are paramount. The problem? Human eyes can’t inspect QR codes, and most compliance controls can’t intercept them.

In this session, we will
- Discuss QR code use in critical sectors (financial services, health, transit, government and military).
- Walk through the actual case study of parking scam to simulate a phishing flow.
- Share actionable mitigation strategies