QRTrust Logo
Don't trust every QR code.
Back to blog
Security

BSI Report 2025: Cyber Spies Target German Administration

9 min read

The BSI warns: Cyber spies are specifically targeting German authorities. Germany is the fourth most frequent target worldwide. At the same time, phishing, quishing and vishing attacks are rising dramatically.

The new report from the Federal Office for Information Security (BSI) paints an alarming picture: Cyber spies have specifically targeted German administrations. At the same time, phishing attacks – especially through manipulated QR codes (quishing) – are increasing dramatically. A wake-up call for authorities and citizens.

Main Target: Public Administration

According to the current BSI report, cyber spies are particularly interested in public administration data. Besides administrations, defense, justice and public security agencies are also affected.

Germany holds a sad top position: As the fourth country worldwide, Germany is most frequently targeted by so-called APT groups (Advanced Persistent Threat) – only the USA, India and Japan are more affected.

The Threat Situation in Numbers

4th Place

Germany is the fourth most frequent target of APT attacks worldwide

€202 Billion

Damage to the German economy from cyberattacks within one year

New Phishing Threats: Three Threats on the Rise

Parallel to cyber espionage, the BSI warns of three new phishing trends that threaten citizens and authorities equally:

1. Brand Impersonation

In the first half of 2025, the number of fake websites posing as well-known online retailers rose sharply. Criminals exploit trust in established brands to steal payment details and personal information.

Affected: Online shoppers directed to fake shop pages

2. Quishing (QR Code Phishing)

Manipulated QR codes are increasingly placed in public spaces – on parking meters, charging stations, in government letters or as stickers on public transport. Those who scan these codes land on fake phishing websites.

Particularly at risk: Drivers, users of public infrastructure, recipients of government mail

3. Vishing (Voice Phishing)

Vishing cases are increasing: Cybercriminals pose as IT support on the phone to gain network access. Often authorities and companies are affected, whose employees are deceived by supposed help calls.

Target: Employees of authorities and companies who give away access data on the phone

Almost 10,500 Citizen Inquiries – Phishing in First Place

Within one year, nearly 10,500 inquiries from citizens were received by the BSI service center. Almost half of these inquiries concerned concrete cybersecurity incidents.

The most frequently reported incidents:

  • 1.Phishing attacks (emails, SMS, fake websites)
  • 2.Account abuse (stolen credentials)
  • 3.Identity theft (fake profiles, fraud in the victim's name)

Why Conventional Protective Measures Are Not Sufficient

The threat situation shows: Reactive measures such as awareness campaigns or removing manipulated QR code stickers fall short. The attackers are faster.

Problem 1: Human vs. Machine

Citizens cannot recognize fake QR codes with the naked eye. Even trained employees fall for professional forgeries.

Problem 2: Time Delay

Until a phishing page is reported and blocked, hundreds of victims have already given away their data.

Problem 3: Fragmented Defense

Authorities rely on different systems without a common threat database. Each municipality fights alone.

Problem 4: Lack of Prevention

Existing systems only react after an incident. What is missing is proactive protection before the first click.

QRTrust: The Technological Response to the BSI Warning

QRTrust offers exactly what the BSI report demands: a proactive, technological solution that stops phishing attacks before they cause damage.

How QRTrust Protects Authorities and Citizens:

6-Layer Security Check

Every QR code is checked in real-time against Google Safe Browsing, our local threat database and AI models.

Redirect Tracking

QRTrust follows up to 5 redirects and analyzes the final destination – criminals cannot hide behind nested URLs.

Real-Time Warning

Before you visit a suspicious site, you see a clear warning with threat level and details.

Municipal Whitelisting

Authorities can have their official QR codes certified. QRTrust shows citizens a green checkmark for verified codes.

Monitoring Dashboard for Authorities

Administrations receive real-time overview of suspicious scan patterns and automatic warnings for manipulation.

For Administrations: Protection of Critical Infrastructure

Public administration is particularly at risk according to the BSI report. QRTrust offers tailored solutions for authorities:

Employee Protection

QRTrust protects government employees from phishing emails and manipulated QR codes in official mail. All incoming QR codes can be checked before scanning.

Citizen Security

Municipalities can recommend QRTrust as official verification app. Citizens scan municipal QR codes (parking meters, government mail) with QRTrust and receive immediate feedback on authenticity.

Legally Sound Documentation

Every detected phishing attempt is documented (screenshots, timestamps, URL history). This data can be used for investigations and prosecution.

Practical Example: A Government Employee Receives Fake Mail

Scenario: A city administration employee receives a letter with an allegedly urgent request to scan a QR code (supposedly for an 'important security update').

Without QRTrust:

  1. Employee scans QR code with standard camera app
  2. Lands on fake IT support page
  3. Enters credentials for government network
  4. Attackers have access to sensitive administration data

With QRTrust:

  1. Employee scans QR code with QRTrust app
  2. QRTrust detects: URL is not in authority whitelist
  3. Warning: 'This URL is not registered as an official government channel'
  4. Attack prevented, IT security informed, source documented

Conclusion: Technology Instead of Reaction

The BSI report 2025 makes clear: Germany is in the crosshairs of cyber spies and phishing criminals. Public administration is a main target, and new attack methods like quishing and vishing are increasing rapidly.

The solution does not lie in more warning notices or removing stickers – but in proactive technological defense. QRTrust does exactly that: We protect before the damage occurs. For authorities, companies and every citizen.

Protect Your Authority with QRTrust

Talk to us about a tailored solution for your administration. Free initial consultation for public institutions.

Schedule Consultation

Sources

This article is based on the current BSI report on IT security and press reports:

Back to blog