Be careful before you scan any QR code. SUR
Beware of 'quishing': This is how to avoid the new QR code scam that is on the rise

More than 70% of phishing cases are now committed using this new technique and Spain's National Police force has warned of the proliferation of these attacks

Almudena Nogués


Sunday, 30 June 2024


There is yet another new scam doing the rounds in Spain that requires extreme caution. It goes by the name of 'QRshing' or 'quishing' - the fusion of the acronym 'QR' (Quick Response) with the term 'phishing' - and it works via the QR codes that are becoming much more common in the country.

The aim of the cyber criminals is none other than to give a new twist to a scam with which the majority of the population was already familiar and to take advantage of advances in the technology to make it more sophisticated. The ultimate aim, however, is the same: to impersonate banks, institutions, parcel delivery companies and others in order to trick the victim into providing personal or credit card details.

The excuse is usually a pending charge (overdraft, customs fees, etc.) and the medium is a website created in the image of the original website of the company or body in question. "These copies are so accurate that many [victims] end up getting stung and seeing their current account balance reduced when there is nothing left to do but report the scammer, who usually leaves no trace," warn cybersecurity experts.

Check Point, a provider specialising in AI-based cloud cybersecurity solutions, has flagged up this increase in phishing attacks using QR codes. The company warns of a new campaign "in which the QR code is not in an image, but is created using HTML and ASCII characters". At the end of May, more than 600 emails following this pattern were detected in Spain, according to the latest reports.

Quishing attacks differ from traditional phishing attacks in the way the link in an email is formatted. So, instead of a text-based link, a QR code directs the victim to the malicious website. When a user scans the QR code, their device can extract the indicated link and take the user to that URL.

"We are now seeing a new trend towards QR code manipulation," said the experts. "Cyber criminals are inserting small snippets of code into the HTML. At first glance in an email this might look like a standard QR code but, to an OCR reader (the optical character recognition used in standard QR codes), no relevant information is detected. There are online platforms that make it easy for fraudsters to automatically generate malicious code, which can be configured to include malicious links. In many cases of QR code phishing attacks, the email pretends to be a request for authentication. However, the presence of ASCII characters in the QR code can lead security systems to overlook the risk, misinterpreting the email as secure."
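
A defensive heuristic for the technique described above, added here as an example and not code from Check Point or from this article: it scans an HTML email body for a block of consecutive text rows made almost entirely of fill characters, which is how a QR code drawn without an image appears to a mail filter. The glyph set, the 21-column minimum, the row threshold and the sample message are assumptions made for the example.

```python
from html.parser import HTMLParser

# Assumption: modules are drawn with block glyphs, '#' or spaces (incl. &nbsp;).
MODULE_CHARS = set("█▀▄▌▐■# ")
MIN_WIDTH = 21  # a version 1 QR symbol is 21x21 modules
MIN_ROWS = 11   # half-block glyphs pack two module rows into one text row

class RowExtractor(HTMLParser):
    """Collect the visible text of an HTML body as a list of rows."""
    BREAKS = {"br", "tr", "div", "p", "pre"}
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.rows = [""]
    def handle_starttag(self, tag, attrs):
        if tag in self.BREAKS:
            self.rows.append("")
    def handle_endtag(self, tag):
        self.handle_starttag(tag, [])
    def handle_data(self, data):
        parts = data.replace("\xa0", " ").split("\n")
        self.rows[-1] += parts[0]
        self.rows.extend(parts[1:])

def is_module_row(row):
    """True when a row is wide enough and at least 90% module characters."""
    if len(row) < MIN_WIDTH:
        return False
    return sum(ch in MODULE_CHARS for ch in row) / len(row) >= 0.9

def find_drawn_qr(html):
    """Return (first_row, row_count) for each run of module-like rows."""
    parser = RowExtractor()
    parser.feed(html)
    parser.close()
    rows = [r for r in parser.rows if r.strip()]  # ignore blank rows
    hits, start = [], None
    for i, row in enumerate(rows + [""]):  # empty sentinel closes a final run
        if is_module_row(row):
            start = i if start is None else start
        elif start is not None:
            if i - start >= MIN_ROWS:
                hits.append((start, i - start))
            start = None
    return hits

# Constructed sample: a 21-wide grid of block glyphs, not a real QR symbol.
SAMPLE = "<p>Scan to re-authenticate:</p><pre>" + "\n".join(
    "".join("█" if (r * c + r + c) % 3 else " " for c in range(21))
    for r in range(12)) + "</pre>"
```

A non-empty result from `find_drawn_qr` is a reason to quarantine the message or send it for rendering and decoding, not proof on its own that the message is malicious.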

More than 70% of phishing scams are currently committed using QR codes, according to estimates by the cybersecurity company Proofpoint. In fact, Spain's National Police force has already warned of the proliferation of quishing attacks across its different social media channels.

So, what precautions should we take to avoid getting into trouble when scanning this type of image?

First of all, when swiping the camera of our mobile phone over these codes, we should pay attention to the associated web address when previewed on the phone's screen. "Before clicking on it, check that it starts with 'https' instead of 'http', i.e. that it is a secure URL," suggest the experts. Once inside the website, you should be wary of any form that requires you to enter bank or personal details. Does the logo of the website correspond to the original logo of the company you are interested in, or does it appear to have been altered in some way? Does it include text with spelling or grammatical mistakes? If so, it could be impersonating the legitimate website.

Beware of stickers with QR codes that appear to be placed on top of other stickers or labels. It is also advisable to install an antivirus program on your device (to alert you to possible viruses, malware or suspicious addresses) and to keep your operating system up-to-date with the latest version to ensure you have the latest security patches.
