Surge in QR code phishing highlights evolving threats to Irish organisations
The number of QR code phishing attacks increased 146% in the first quarter of 2026, according to data from Microsoft’s threat intelligence team. Attackers are bypassing traditional e-mail filters using this technique by embedding malicious links in QR images in PDF attachments, accounting for 70% of QR phishing by March.
Globally, Microsoft detected 8.3 billion e-mail-based phishing attempts globally over the same period, reinforcing e-mail as a primary entry point for cyberattacks.
Fake CAPTCHA scams increased by 125% as criminals add fake security checks to trick users and bypass detection.
The vast majority of these e-mail attacks (90%) aimed to steal user credentials rather than deliver malware, reflecting a shift by threat actors towards account compromise over payload-based attacks.
In early March, Microsoft’s Digital Crimes Unit disrupted the Tycoon2FA phishing-as-a-service platform, leading to an immediate 15% drop in that operation’s phishing activity for the rest of the month.
Kieran McCorry, national technology officer at Microsoft Ireland, (pictured) said: “As new tactics like QR-code scams and fake CAPTCHAs surge, it’s a wake-up call for organisations in Ireland to step up vigilance. Attackers are constantly refining their methods to trick even experienced employees, so questioning unexpected emails and having robust processes are essential now to protect credentials.”
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers