Tech For Humans Newsletter
You've probably scanned a few QR codes this week without thinking twice. Maybe a parking meter or a restaurant menu.
Hackers have noticed how casual we've become about it, and they've built an entire new scam around it.
In today's email, I'm showing you how "quishing" works and the 3 habits that will keep your team out of it.
You'll also find a 30-second Outlook fix that stops spam meetings from cluttering your calendar, a wild stat about how few small businesses have cyber insurance, and a gadget you’ll want to have in your office.
So grab your favorite beverage, get comfy, and let’s dig in.

THE BIG IDEA

Quishing: The New Phishing Scam |
| A few years ago, scanning a QR code felt suspicious. Today, you probably scan three or four a day without thinking about it... parking meters, restaurant menus, conference badges, charging stations, etc. And because of that, there's now an entire category of attack called "quishing," which is just phishing delivered through a QR code instead of an email link. The FBI started issuing public warnings about it in 2024. Since then, reported attacks have jumped over 600%, and small businesses are getting hit harder than anyone. Think about what happens when a phishing email lands in your inbox. Your email provider scans it for known threats, and your IT setup flags suspicious links. But none of that exists with a QR code. You point your phone at a square of black-and-white dots, and you have no idea where it's about to send you until you're already there. By the time the fake Microsoft 365 login page loads on your phone, you've also stepped outside your company's security stack. And your personal phone isn't running the same protections as your work laptop. So these attacks usually arrive in one of three ways. Someone prints a fake QR sticker and slaps it over the real one on a parking meter, EV charger, or restaurant menu. An attacker embeds a QR code inside a PDF attachment. The code slips past email filters that only scan text links. Or a flyer, business card, or conference poster sends you to a fake landing page that drops malware on your phone or steals your login. Three habits will keep your team safer:
If you'd like us to check whether your team's phones and email gateway are set up to flag malicious QR codes, just reply to this email. We'll take a look. |

JOHN'S TECH TIP |
|
Stop Spam Meetings From Auto-Filling Your Calendar By default, Outlook adds every meeting invite to your calendar the moment it arrives, even before you've responded. Turn off "Auto-process invitations" in Outlook settings so nothing lands on your calendar until you accept it. |
THE LATEST NEWS |
|
🔓 Same Crew That Hit ADT Just Stole Data on 275 Million Students ShinyHunters (the same group behind the ADT breach) broke into Instructure, the company behind Canvas, the learning management system used by 41% of US higher education and a chunk of K-12. They claim 275 million individuals’ data stolen across nearly 9,000 schools.
|
|
🤖 Anthropic Drops 10 Pre-Built AI Agents for Financial Services Anthropic released ten ready-to-run Claude agents that handle pitchbooks, KYC screening, month-end close, and seven other workflows that typically eat up junior analyst hours. The agents work inside Excel, PowerPoint, Word, and Outlook, with full audit trails for compliance. JPMorgan, Goldman Sachs, Citi, and AIG are already using them in production.
|
|
🔋 80% of Top AI Users Say They're Doing Work They Couldn't Do a Year Ago Microsoft published its 2026 Work Trend Index, based on trillions of productivity signals and a survey of 20,000 workers across 10 countries. 49% of Microsoft 365 Copilot conversations now handle the kind of thinking work that used to require deep expertise, and 80% of the most advanced users say they're producing work they couldn't have a year ago. |
THE INTERESTING STATISTIC

|
|
THE GADGET OF THE MONTH

The Synology BeeStation is a plug-and-play personal cloud server about the size of a router.
Plug it in, set up an account, and your whole team gets private storage they can use through phone, desktop, and web apps that work just like the services you're paying for now.
The 4TB version runs around $300 (no monthly fees), and because the files live on a device in your office (not on someone else's server), you stop trusting sensitive client data to a third party.
It pays for itself inside the first year for most small teams, and faster if you've got more than a few users.
THE BOOK OF THE MONTH

If you've ever felt like every business book skips the part where running a company breaks you a little, The Hard Thing About Hard Things is the book to read.
Ben Horowitz (cofounder of Andreessen Horowitz, one of Silicon Valley's biggest venture firms) wrote it after running a company that came within 30 days of bankruptcy more than once.
The whole book is built around the moments business books usually skip. Firing a friend, laying off half your team, calling an investor with bad news, keeping your head when everything is on fire at the same time.
It's not a feel-good book. It's the one you'll wish you'd read before your hardest week as an owner.

DID YOU KNOW? |
|
When the founders of Google built their search engine in 1996 as a Stanford project, they named it BackRub because it analyzed the web's "back links." |
Thanks for reading!
The Transcend Networks team and I put this newsletter together to share tech advice that’s actually useful, and (hopefully) even fun to read 🙂
When we’re not writing these, we’re helping businesses like yours become more secure and stay productive without all the tech headaches.
If you ever need a professional opinion on anything IT-related, simply hit reply and let me know.
We're here to help 🙂
