Hackers target WhatsApp users with QR code scams
Cybercrime is evolving at an unprecedented pace, with malicious actors continually finding new ways to exploit digital vulnerabilities. Among the latest developments is the weaponization of QR codes to compromise personal and organizational data. This method represents a troubling trend in how cybercriminals adapt their tactics to leverage emerging technologies and communication platforms.
Star Blizzard is paving the way
In recent incidents observed by Microsoft Threat Intelligence, Star Blizzard have targeted high-profile individuals and organizations by embedding malicious QR codes in emails or WhatsApp messages. For instance, a fraudulent message might claim to be from a humanitarian organization, urging the recipient to “donate” via a QR code link. Scanning the code could lead to the theft of financial information or other sensitive data.
One of the most notable groups leveraging these tactics is Star Blizzard, a sophisticated hacking organization linked to Russian intelligence services. Active since 2017, Star Blizzard has been implicated in various cyber campaigns targeting government officials, NGOs, and businesses. Their use of QR codes is part of a broader strategy to exploit trust and gather intelligence from high-value targets. By combining social engineering with advanced technical methods, Star Blizzard continues to pose a significant threat on the global stage.
To see how similar methods have been used to compromise user data, read about the infamous TikTok hack targeting high-profile DMs.
What are QR code scams?
QR codes, originally designed for convenience, are now being used by hackers as tools for deception. This type of attack, often referred to as “quishing” (QR phishing), involves the use of fake QR codes to trick individuals into revealing sensitive information. These scams often rely on creating a false sense of urgency or legitimacy, making victims more likely to interact with the malicious code.
To understand how hackers use similar techniques in phishing attacks, check out our article on what is phishing.
A common scenario involves receiving a seemingly harmless QR code embedded in a message or email. When scanned, the QR code redirects to a malicious website designed to capture login credentials or other private data. In some cases, these scams go a step further by exploiting messaging platforms like WhatsApp, which many people trust for private communication.
How do these attacks work?
Deceptive messaging: Attackers craft messages that appear to come from a trusted source, such as a colleague, organization, or service provider.
QR code delivery: The message includes a QR code that promises to deliver additional information, verify an account, or resolve a supposed issue.
Data compromise: Scanning the code leads to a website that either installs malware or prompts the user to input sensitive data, such as passwords or payment information.
Account hijacking: In some advanced cases, the hackers use the compromised information to gain access to accounts, enabling further attacks on the victim’s contacts or network.
If you're interested in how hackers exploit tools and strategies like these, explore our guide on what is social engineering.
The broader implications
The rise of QR code scams underscores the importance of cybersecurity awareness. As digital communication becomes increasingly integral to daily life, both individuals and organizations must recognize the potential risks associated with new technologies. Hackers are not just after data; they seek to erode trust in the platforms and tools people rely on.
Protecting yourself against QR code scams
To minimize the risk of falling victim to these attacks, consider the following precautions:
Verify the source: Never scan a QR code from an unknown or untrusted source. When in doubt, confirm the sender’s identity through an alternative channel.
Check the URL: Before taking any action, review the URL associated with the QR code. Look for inconsistencies or signs of a fake website.
Educate your team: Raise awareness about quishing within your organization to ensure employees can recognize and avoid these scams.
Use secure apps: Only link accounts or perform actions using official apps and websites. Avoid third-party tools that may lack proper security measures.
Learn more about why raising awareness is essential for combating these threats in our article on why gamification in awareness training works.
The importance of staying alert
As cybercriminals continue to innovate, staying informed is one of the best defenses against emerging threats. QR code scams highlight the importance of questioning the authenticity of digital interactions and taking proactive measures to secure personal and organizational data.
By fostering a culture of cybersecurity awareness, individuals and businesses can mitigate risks and maintain confidence in the digital tools that connect us all. Remember, the convenience of technology should never come at the expense of security.

Sarah Krarup
Sarah studies innovation and entrepreneurship with a deep interest in IT and how cybersecurity impacts businesses and individuals. She has extensive experience in copywriting and is dedicated to making cybersecurity information accessible and engaging for everyone.
View all posts by Sarah Krarup