New phishing campaigns attempt to evade detection by constructing rogue QR codes with special ASCII characters and load phishing pages locally using the local blob URL feature in browsers.