• Home
• Technology

Kaspersky has issued a warning regarding a novel and highly sophisticated phishing technique via email, which relies on generating Quick Response (QR) codes using text characters and symbols rather than traditional images. This new method allows attackers to bypass many standard email security solutions that rely heavily on image scanning and malicious link detection.

The cybersecurity firm highlighted that QR codes embedded in emails have long been a popular tool for digital fraud. The second half of 2025 saw a sharp spike in this specific type of attack, with QR-based phishing (often referred to as "quishing") increasing fivefold compared to previous periods.

This emerging tactic leverages a technique known as "ASCII art," where images are constructed entirely from text characters. The origins of this method trace back to the early days of computing in 1963, when devices lacked the capability to display traditional graphics, prompting the use of the ASCII character set to create visuals.

Kaspersky noted that while spammers frequently used ASCII art in the early 2000s to hide content from security systems, modern cybercriminals are now repurposing the exact same concept to create malicious QR codes that are exceptionally difficult for cybersecurity solutions to detect.

According to researchers' analysis, these new attacks follow a familiar pattern. Victims receive an email appearing to be from a business partner or a trusted entity, claiming to contain a confidential document that requires signing via the DocuSign platform. The message prompts the user to scan the QR code to access the document, which subsequently redirects them to a fraudulent website designed to harvest their corporate login credentials.

Roman Dedenok, Anti-Spam Expert at Kaspersky, explained: “We have previously seen attempts to hide malicious links within images to bypass security scanners. Now, attackers are reverting to using text symbols to create QR codes in an effort to evade image analysis technologies. When a user is asked to enter their corporate credentials after scanning a QR code—especially if that code is generated using ASCII text art—it is highly likely a phishing attempt aimed at redirecting them to a malicious site.”

The company emphasized that the primary objective of this deceptive trick is to circumvent traditional cybersecurity tools that scan for embedded images and links within emails.

To counter this evolving threat, Kaspersky recommends that organizations deploy specialized security solutions for their email servers. Products such as those offered via kaspersky.com provide robust protection against spam, malware, phishing, and Business Email Compromise (BEC), in addition to neutralizing QR code attacks and other advanced cyber threats.