Cybersecurity threats are constantly evolving, with new tactics and techniques being used by cybercriminals to target individuals and organizations. One such emerging threat is ‘quishing’ attacks, a form of phishing that utilizes QR codes to deceive victims.


According to a report by Egress, quishing attacks have seen a significant increase from 0.8% in 2021 to 10.8% in 2024. In contrast, attachment-based payloads have decreased by half during this period [4], dropping from 72.7% to 35.7%. Impersonation attacks continue to be prevalent, with 77% of them posing as well-known brands like DocuSign and Microsoft [4]. Social engineering tactics are utilized in 16.8% of phishing attacks [2] [3] [4], often targeting popular work messaging platforms such as Microsoft Teams, Slack [1] [2] [3] [4], and SMS in multi-channel attacks. The use of artificial intelligence in cybercrime is also on the rise, with attacks bypassing Secure Email Gateways (SEGs) increasing by 52.2%. Millennials are increasingly becoming targets of cybercriminals, particularly in the finance, legal [1] [2] [3], and healthcare sectors [1]. Personalized social engineering attacks, such as those centered around events like Valentine’s Day, underscore the evolving nature of cyber threats.


The surge in quishing attacks and the evolving tactics used by cybercriminals highlight the need for organizations and individuals to remain vigilant and proactive in their cybersecurity measures. Implementing robust security protocols, providing regular training on cybersecurity best practices, and staying informed about the latest threats are crucial steps in mitigating the risks posed by these evolving cyber threats. As technology continues to advance, it is imperative for cybersecurity measures to keep pace in order to protect against future threats.