A concerning new trend is emerging where smartphone users are at risk of falling victim to hackers through the use of popular QR codes. Termed “quishing,” this method is increasingly being employed by cybercriminals to deceive unsuspecting individuals, potentially resulting in the compromise of sensitive personal and financial information.
According to a recent alert by the team at Action Fraud, these attacks are on the rise, leading to significant financial losses amounting to millions each year.
The primary targets of this fraudulent activity are often in car parks, where criminals manipulate authentic QR codes on parking machines using counterfeit stickers.
Furthermore, quishing is also prevalent on online shopping platforms, where sellers are sent QR codes via email for account verification or payment processing purposes.
Claire Webb, Acting Director of Action Fraud, emphasized the increasing ubiquity of QR codes in daily activities, highlighting the vulnerability of individuals to cybercriminals seeking to exploit this technology for illicit gains.
To mitigate the risks associated with quishing, Webb advised individuals to exercise caution before scanning QR codes, particularly in public spaces or when prompted via emails or messages containing suspicious codes.
In response to the alert, Action Fraud has issued recommendations, including refraining from using QR code scanning applications from third-party app stores and instead utilizing the built-in QR-scanner on mobile devices.
Additional safety tips include exercising caution when encountering QR codes in emails and verifying the authenticity of codes in public settings to prevent falling victim to potential tampering.
Action Fraud reiterated the importance of vigilance, particularly in high-risk locations like stations and car parks, where individuals should be wary of tampered codes, often indicated by stickers placed over legitimate QR codes, and refrain from scanning them if in doubt.
While QR codes offer convenience, users are advised to exercise caution and diligence before scanning any codes on their smartphones.
At Reach and across our entities we and our partners use information collected through cookies and other identifiers from your device to improve experience on our site, analyse how it is used and to show personalised advertising. You can opt out of the sale or sharing of your data, at any time clicking the “Do Not Sell or Share my Data” button at the bottom of the webpage. Please note that your preferences are browser specific. Use of our website and any of our services represents your acceptance of the use of cookies and consent to