Phish: Quishing message on LinkedIn

Published: August 26, 2024

This phishing attempt is known as quishing, a social engineering tactic where malicious actors use QR codes to steal information from unsuspecting recipients. This message was sent to U of T community members via LinkedIn.

If you receive an unsolicited QR code, do not scan the code as it could be a phishing attempt.

Email details

This link works for anyone in your organization

Attached is a brief presentation, please take a look and let me know if we could take on a joint development on this projects or any other means.

Scan the QR code using your phone to get started

*malicious QR code*

Microsoft respects your privacy. To learn more, please read our Privacy Statement.

Microsoft Corporate, one Microsoft Way, Redmond, WA 98052

Phishing cues

  • Spelling and grammar mistakes

    The email contains spelling mistakes and grammatically incorrect sentences.

  • Unprofessional design or formatting

    The email lacks typical professional formatting including a legitimate signature and contact information.

  • Generic greeting

    This message does not say who the message is intended for.

  • Unsolicited attachments or links

    This email includes an unsolicited QR code and asks recipients to scan it.

Icon for report phishing

Report phishing

If you receive a suspicious email, do not open attachments or click on links. Report phishing attempts to security.response@utoronto.ca.

More phishing examples

Phish: Get Ready to Take Your Research to the Next Level

March 6, 2025

Phish: You have been sent new employee benefits/salary

March 6, 2025

Phish: UofT IMPORTANT NOTICE: Verification Needed

August 26, 2024