Phish: Quishing message on LinkedIn

Published: August 26, 2024

This phishing attempt is known as quishing, a social engineering tactic where malicious actors use QR codes to steal information from unsuspecting recipients. This message was sent to U of T community members via LinkedIn.

If you receive an unsolicited QR code, do not scan the code as it could be a phishing attempt.

Email details

This link works for anyone in your organization

Attached is a brief presentation, please take a look and let me know if we could take on a joint development on this projects or any other means.

Scan the QR code using your phone to get started

*malicious QR code*

Microsoft respects your privacy. To learn more, please read our Privacy Statement.

Microsoft Corporate, one Microsoft Way, Redmond, WA 98052

Phishing cues

  • Spelling and grammar mistakes

    The email contains spelling mistakes and grammatically incorrect sentences.

  • Unprofessional design or formatting

    The email lacks typical professional formatting including a legitimate signature and contact information.

  • Generic greeting

    This message does not say who the message is intended for.

  • Unsolicited attachments or links

    This email includes an unsolicited QR code and asks recipients to scan it.

Icon for report phishing

Report phishing

If you have received a suspicious email like this one, please report it to report.phishing@utoronto.ca and delete it immediately from your mailbox. Don’t click any links, download attachments, engage with the sender or share the email with your contacts. If you engaged with the sender, please contact security.response@utoronto.ca immediately.