Overview

North Korean attackers’ latest efforts to target foreign policy experts via quishing expose long-standing bring-your-own-device vulnerabilities that U.S. organizations have failed to address. Socially engineered attacks will continually bypass identity verification and network perimeter security measures if personal mobile devices remain in the workflow. As with any mitigation strategy against social engineering attacks, quishing must be stopped at the entry point so that the QR codes used to spread malware and malicious URLs never reach employees in the first place.

Book a Meeting with the Author

Related content

January 27, 2026
Foolproof Payments: How AI is Revolutionizing Payment Fraud

Payment fraud is becoming harder to detect as transactions move faster and fraud tactics evolve. Fraud teams are being pushed to make quick decisions with limited context, leading ...

December 08, 2025
SMS Blasters: An Expanding Frontier in Smishing Attacks

Cybercriminals use SMS/text blasters in smishing attacks, sending a wide range of fraudulent messages. By mimicking legitimate cell towers, SMS/text blasters bypass carrier-level p...

November 18, 2025
2025 Dark Web Threat Intelligence Vendor Scorecard

Javelin’s newest cybersecurity scorecard, the 2025 Dark Web Threat Intelligence Vendor Scorecard, evaluates leading dark web threat intelligence vendors on the market today. This i...

Make informed decisions in a digital financial world

Let's Connect