Gibraltar: Friday, 24 May 2024 at 11:00 CET
CYBER VOICE PR | THREAT INTEL: QUISHING – Quishing Is The New Scam to be on your Guard for
Syndicated By Iain Fraser – Cybersecurity Journalist
IainFRASER.net/CYBERInsights/CYBERVoice
Cybersecurity PR
Google Indexed on 240524 at 13:00 CET
#CYBERVoice #CybersecurityJournalist #SMECybersecurity
A new cybercrime threat has emerged, and it’s called “quishing.”
While many of us are familiar with the term “phishing,” which involves scammers attempting to obtain sensitive information through fraudulent emails or websites, quishing takes a different approach, exploiting the convenience and ubiquity of QR codes. Alarmingly, quishing has risen from making up a mere 0.8% of all email phishing attacks in 2021, to accounting for a staggering 10.8% in 2024, according to one intelligence report.
Trevor Cooke, Privacy Expert at EarthWeb warns, “Quishing is a relatively unknown but rapidly growing problem that preys on our trust in QR codes and our reliance on mobile devices.”
As QR codes have become increasingly prevalent in various aspects of our lives, from contactless payments to accessing information, cybercriminals have found a new avenue to exploit.
What is Quishing?
Quishing, a portmanteau of “QR code” and “phishing,” is a form of social engineering attack that involves the use of malicious QR codes. These codes, when scanned, can redirect unsuspecting victims to fraudulent websites designed to steal personal information, install malware, or initiate unauthorised transactions.
While phishing scams typically rely on emails or fake websites, quishing takes advantage of the convenience and perceived trustworthiness of QR codes. Cybercriminals can create malicious QR codes and place them in public spaces, such as restaurants, airports, or even on product packaging, luring victims into scanning them.
The Dangers of Quishing
The prevalence of quishing is a cause for concern for several reasons. First, we have become increasingly reliant on our mobile devices for various tasks, making us more susceptible to falling victim to such scams.
Additionally, QR codes tend to be perceived as trustworthy and convenient, leading many individuals to scan them without hesitation. Furthermore, quishing can occur in a wide range of scenarios, making it challenging to detect and prevent. Cybercriminals can exploit our curiosity or sense of urgency by creating QR codes that promise exclusive offers, discounts, or important information.
One study noted that from June to August 2023, the cybersecurity world witnessed a startling surge in quishing incidents. It said that there were 8,878 incidents of quishing during this three-month period, indicating a worrying shift in cybercriminal tactics. June witnessed the peak of this trend, with a remarkable 5,063 reported cases of quishing in that month alone.
As the world becomes increasingly reliant on QR code technology, experts fear that quishing incidents may rise even further in 2024. The projected growth in QR code payment systems, with global expenditures expected to exceed $3 trillion by 2025, presents vast opportunities for fraudulent QR code schemes such as quishing.
Protecting Yourself from Quishing Scams
To safeguard yourself from quishing scams, it’s essential to exercise caution when scanning QR codes. Here are Trevor’s tips to help you stay vigilant:
1. Be wary of unknown QR codes:
Avoid scanning QR codes from untrusted sources or in public places unless you are certain of their legitimacy.
2. Verify the source:
If you encounter a QR code, try to verify its source and purpose before scanning it. Look for official communication channels or trusted websites that provide the QR code.
3. Use a QR code scanner app:
Consider using a reputable QR code scanner app that can detect and warn you about potential malicious links before you visit them.
4. Keep your devices updated:
Ensure that your mobile devices and operating systems are up-to-date with the latest security patches and updates to mitigate vulnerabilities that could be exploited by quishing scams.
5. Be cautious of unsolicited offers:
If a QR code promises an unrealistic offer or discount, it’s likely a scam. Exercise scepticism and verify the legitimacy of such offers before taking any action.
‘Today, cybersecurity is paramount, so being vigilant against emerging threats like quishing is crucial,’ Trevor says. He adds: ‘Staying informed about new threats is pivotal for protecting your personal information and digital security.’
About EarthWeb
EarthWeb helps you discover the best research guides and resources for tech and online privacy. Their mission is to help you simplify processes and make informed buying decisions. Trevor Cooke is the online privacy expert at EarthWeb. His personal mission is to help keep consumers safe by keeping them informed of privacy tips and common online scams.
