Quishing

Once again, online fraud techniques are evolving, leaving the uninitiated amazed. One of the most recent and alarming evolutions is ‘Quishing’, a form of phishing that exploits QR codes. According to Team Harmony Email, part of the Check Point Software company, phishing attacks using QR codes have increased by 587% since 2022, proving to be a favourite strategy of cyber criminals.

What is Quishing?

The term ‘Quishing’ is derived from the combination of ‘QR’ (Quick Response) and ‘Phishing’. This technique consists of using counterfeit or modified QR codes to direct victims to fraudulent websites. Once the QR code has been scanned, the user can be directed to a website imitating that of a real organisation. Here, the victim will be tricked into entering personal data, login credentials, financial information or downloading potential malwares.

Quishing attacks are gaining popularity among cyber criminals for several reasons. QR codes are widely used for their speed in a variety of contexts, from quick access to websites to sharing information. This makes them an ideal tool for deceptive attacks. In addition, many users are still not fully aware of this type of threat and therefore tend to blindly trust QR codes.