iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
QR codes have become an everyday convenience, seamlessly linking physical and online experiences.
From restaurant menus to event tickets, these scannable squares are now pretty ubiquitous – especially in the post-COVID-19 era. However, with convenience comes the potential for abuse, and QR code phishing – also known as quishing – is on the rise.
Here are three things you need to know about this emerging threat.
1. How does QR code phishing work?
QR code phishing is a tactic that relies on the unsuspecting nature of QR code scanning. Attackers create malicious QR codes – these codes can be placed on physical objects, such as posters, brochures, or even stickers, making it easy for attackers to deceive individuals. They are often placed over legitimate QR codes, such as on parking metres or near point-of-sale in cafes or shops.
Once a victim scans the malicious QR code, they are redirected to a fraudulent website designed to mimic a legitimate one. For example, a fake banking website may request login credentials or personal information. Unsuspecting users may unknowingly enter sensitive data, which can then be harvested by cyber criminals.
2. The dangers of QR code phishing
QR code phishing presents several dangers, ranging from identity theft to financial loss and personal data breaches. Here’s why it’s crucial to be aware of this threat:
- Data theft: Attackers can steal personal information, including usernames, passwords, and credit card details through deceptive QR codes.
- Malware infection: Some malicious QR codes can trigger the download of malware onto your device, allowing cyber criminals to gain control or monitor your activities.
- Financial loss: Scanning a fraudulent QR code can lead to unauthorised transactions and loss of money.
3. Protecting yourself from QR code phishing
To safeguard against QR code phishing, follow these essential steps:
- Examine QR codes: Before scanning any QR code, inspect it for legitimacy. Check for unusual URLs, misspellings, or distorted patterns. Also, be aware if a sticker has been placed over a legitimate code.
- Use a secure QR code scanner: Use a reputable QR code scanner app that can identify malicious codes and warn you about potential threats. You can find these on your app store of choice.
- Educate yourself: Stay informed about emerging threats, like QR code phishing, and educate yourself and your family on how to recognise and respond to potential dangers.
- Verify URLs: If you’re redirected to a website after scanning a QR code, double-check the URL. Ensure it’s an official site with a secure connection with the https:// prefix.
Cyber criminals are increasingly exploiting our trust in these handy codes to steal sensitive information and cause financial harm. But secure scanning apps and a degree of vigilance can protect you from this insidious and growing attack vector.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
