One of the lasting impacts of the COVID-19 pandemic is the popularity of QR codes. They’re everywhere, from your table at a restaurant and the register at your favorite coffee shop to random stickers on light poles along the street.
And just like with everything else, criminals have found a way to turn these helpful little codes into a scam. It’s called QR code phishing, better known as “quishing.”
What is quishing?
Similar to a regular phishing scam where fraudsters impersonate trustworthy sources to obtain your personal information, quishing relies on the prevalence of legitimate QR codes to win people’s trust. So you could scan what looks like a perfectly legitimate QR code only to be redirected to a malicious website or download malware.
Unbiased. Straight Facts.TM
26% of malicious links are now sent via QR code, according to cybersecurity firm Keepnet Labs.
These scams have become so rampant that the Federal Trade Commission issued an alert about them earlier this year. Since then, multiple state and local governments have followed suit.
How common is quishing?
According to the cybersecurity company Keepnet Labs, more than a quarter of all malicious links are now sent via QR code.
In a recent report, CNBC stated that the virtual private network company NordVPN estimates that 73% of Americans scan QR codes without verifying them first, and more than 26 million people have been directed to malicious sites this way.
How can I protect myself from quishing scams?
There are some ways to avoid quishing scams, according to cybersecurity company Malwarebytes. Here’s what to look out for:
- Be wary of QR codes that appear in unsolicited emails or messages.
- If a QR code does not give context or explanation of what it’s for, don’t scan it.
- Check the sender’s email address. Look for the usual signs associated with scams, such as misspellings and unusual domain names.
- If the source of the QR code urges you to act quickly, be skeptical.
- Try to verify the code’s legitimacy by contacting the alleged sender through official channels.
- Use a QR code scanner app that checks the safety of a link before opening it.
Another way to stay safe is to be vigilant after scanning a QR code. If taken to a page that prompts you to enter personal information, first double-check the logo and full URL of the website. For an additional layer of protection, Malwarebytes recommends manually typing the original URL into your browser instead of using the link provided by the QR code, if possible.
Malwarebytes also recommends enabling two-factor authentication, so if your personal information is compromised, you can prevent unauthorized access to your accounts. Also, never accept an authentication notification you didn’t initiate yourself.
Click this link for the original source of this article.
Author: Alex Delia
This content is courtesy of, and owned and copyrighted by, https://straightarrownews.com and its author. This content is made available by use of the public RSS feed offered by the host site and is used for educational purposes only. If you are the author or represent the host site and would like this content removed now and in the future, please contact USSANews.com using the email address in the Contact page found in the website menu.
