Warning issued over disturbing 'quishing' trend many people are falling victim to
This might be the most dangerous cybersecurity scam so far
As long as the internet exists then cybersecurity will be a concern, but the latest 'disturbing' trend gives you another reason to stay vigilant when on the web and out in real life.
Scams are everywhere, and they're so sophisticated it's sometimes hard not to fall prey to them no matter how knowledgeable you think you are when it comes to cybersecurity.
We've seen text messages targeted at travelers, AI that helps make scam emails feel more genuine, and extortion attempts that use stolen Google Maps data to take your money.
These feel juvenile, however, compared to a new scam technique named 'quishing', which uses QR codes to divert users to dodgy sites and dangerous malware.
Advert
The world has become more than used to QR codes following the pandemic, as you see them on the back of your WiFi router, on helpful leaflets, and on the menu of your favorite restaurant.
One of the most prevalent uses though comes in the form of quick-pay sites in parking lots and other public access areas. These allow you to avoid the hassle of a machine and pay using your phone, and the QR code directs you to the relevant website.
While there is a bit of faff involved when it comes to scanning the code with your phone camera, it's seen as largely harmless and a convenient measure. Yet you could be putting yourself in danger of a malicious attack.
Scammers have now taken to placing stickers over these QR codes with designs of their own, which send users to false sites designed to have you install nefarious software or send them money.
As you can see in the video above, posted by @explainlikeimfivee on Instagram, the 'fake' code peels away to reveal the real QR below.
The reason why this is so effective is because we're unable to effectively read QR codes, as they're - by design - a bunch of lines that look identical to the naked eye.
By nature you assume that you're being sent to the right place, and if the fake site is convincing enough then you're likely to be none the wiser.
We've seen similar scams occur at card machines and ATMs before, where scammers install a fake reader that takes your card info, but this is potentially even more dangerous.
It's definitely something to think about next time you go to scan a QR code, as it's worth the couple of seconds needed to check whether it's a fake one or not.
It might seem like something that'll never happen to you, or that you'd be able to spot a fake website if you're met with one, but you can never be too careful these days.
Some things you can do outside of peeling the code itself is to double check the website URL to see if it's what you're expecting, avoid downloading anything prompted by a QR code, and to try and avoid entering any payment information or personal details - although this is tricky.
Oftentimes, as reported by ZDNET, a strong sign of a scam is a sense of urgency, where the scammer will try and get you to enter your details as quickly as possible to avoid you catching on or double checking anything.
Always take your time with these things, as painful as that might be, as it's much better to be sure you're safe than to deal with the significant consequences afterwards.