The New Wave of Phishing: Exploring Phone, QR Code, and More

In today’s rapidly evolving digital age, businesses must navigate the ever-present threat of cybersecurity breaches. Phishing, a malicious technique employed by cybercriminals, continues to take on new forms and exploit various communication channels. In this blog, we will explore the innovative methods cybercriminals are adopting, such as phone-based phishing (smishing), QR code scams, and other emerging tactics. With a focus on providing actionable insights, we will examine the statistics, dangers, and preventive measures required to safeguard against these evolving threats.

1. The Rise of Phone-Based Phishing (Smishing)

Smartphones have become an integral part of our lives, and unfortunately, cybercriminals are taking advantage of this reliance. Phone-based phishing, commonly known as smishing, has been on the rise, with attackers using SMS or phone calls to trick individuals into providing sensitive information or downloading malicious content. According to a report by KnowBe4, smishing attacks have increased by a staggering 250% in the past year alone.

Phone-Based Phishing

2. QR Code Scams: Silent but Dangerous

QR codes have gained popularity due to their convenience, but they have also become an avenue for malicious attacks. Cybercriminals have been using innocent-looking QR codes to disguise harmful URLs, redirecting unsuspecting victims to dangerous websites or encouraging them to download malware-infected applications. Recent statistics reveal a troubling trend, with a 30% surge in QR code phishing attacks.

3. The Art of Social Engineering via Text Messages

Text messages are an essential part of our communication repertoire, making them an attractive medium for cybercriminals to exploit. Through various social engineering techniques, attackers manipulate individuals through text messages, deceiving them into divulging sensitive information or taking actions that compromise their security. A study found that a staggering 90% of individuals have received phishing text messages.

4. The Menace of Malware Delivery: Facebook Messenger Edition


With its extensive user base, Facebook Messenger has become a prime target for cybercriminals seeking to deliver malware discreetly. Leveraging social engineering techniques, these attackers persuade users to click on malicious links or download infected files. Analysis from KnowBe4 reveals that Facebook Messenger has emerged as the platform of choice for malware delivery, accounting for 62% of social media-based attacks.

Protecting Your Business Against the New Wave of Phishing

As the threat landscape continues to evolve, businesses must adopt proactive measures to safeguard their data and operations. Here are some essential preventive measures to protect against these new forms of phishing:

  1. Be vigilant and skeptical: Exercise caution when receiving unsolicited messages, even if they appear to be from a trusted source.
  2. Verify with caution: Always double-check the authenticity of SMS, phone calls, QR codes, or messages received via social media platforms before taking any action. Do not trust without verification.
  3. Stay updated: Keep your devices, applications, and software up to date. Regularly install security patches to protect against known vulnerabilities.
Stay updated
  1. Educate your team: Stay informed about the latest phishing techniques and trends to recognize red flags and avoid falling victim to attacks.
  2. Implement robust security solutions: Deploy comprehensive security software featuring built-in anti-phishing and anti-malware capabilities to detect and block potential threats.
  3. Report incidents: If your business encounters a phishing attempt, report it to the relevant authorities, such as your IT department, email provider, or local law enforcement agency.

Remain vigilant

In the ever-changing landscape of cybersecurity, organizations must remain vigilant to combat the new wave of phishing attacks. The rise of phone-based phishing, QR code scams, and other emerging tactics highlights the need for heightened cybersecurity awareness. By applying preventive measures, educating employees, and leveraging advanced security solutions, businesses can navigate these evolving threats and protect themselves from falling victim to these sophisticated cyberattacks. Download the free Phishing Tip Sheet here and learn more:


  1. “USPS Smishing Scams”
  2. “UNC3944 Text Social Engineering”
  3. “Facebook Messenger Malware Delivery”

Leave a Reply

Your email address will not be published. Required fields are marked *

About CIT

CIT Careers

Rooted in Minnesota with innovators nationwide, we’re tech problem-solvers & solution providers. From cybersecurity to support engineers, we’re powered by passion & precision, aiming to transform adversity into advancement. Together, let’s redefine the digital horizon.

Get in contact: email us at or call 651.255.5780

Copyright: © 2024. All Rights Reserved.

CIT is designated autism-friendly by autism speaks