Move over, URLs – scammers worldwide have increasingly been using QR codes to trick people into providing personal info.
A new scam has emerged involving a QR code sent by email, linking to a malicious site. This new phishing technique is on the rise, so beware!
You’ve probably already heard of phishing, which involves tricking users into divulging personal information in order to steal their identity or their money. It usually takes the form of emails and websites posing as those of well-known brands or institutions.
Now, a new kind of scam is on the rise, known as quishing. This involves tricking people with a simple QR code, and the scam is booming around the world.
According to IT security specialist Check Point, the number of quishing attacks increased sevenfold between August and September.
The term is a contraction of “QR code” and “phishing”. Hackers are now making greater use of this method in their activities, mainly via email, because a QR code to be scanned leaves less room for doubt or suspicion than a complex URL.
If the user scans the malicious QR code, they are redirected to a page where their personal data can be stolen.
So, avoid scanning any QR codes you receive by email, and continue to take precautions when faced with dubious messages. The golden rule is to never click on a suspicious link – or in this case a QR code – received in an email or DM, which could send you to a corrupted site.
If you receive such correspondence from your bank, insurance company, or even your telecoms provider – whether genuine or a phishing attempt – you should never click on any link. It’s best to log into your account directly via the service’s dedicated website or app to check whether the information is correct.
Similarly, never open unexpected attachments or attachments in an unfamiliar format.