Alerts issued over a rise in QR code scams, known as ‘quishing’
Egress: 77% of quishing attempts mimic well-known brands like DocuSign and Microsoft
(InvestigateTV) — “Quishing” attacks have skyrocketed by a factor of 10 between 2021 and 2024, according to security company Egress.
Experian said quishing is when bad actors steal money, personal information, or sensitive data and infect devices by distributing altered QR codes meant to mimic legitimate companies.
Identity Theft Resource Center Chief Operating Officer James Lee said he wants to warn consumers about the new scam.
“We know about phishing and smishing, and now we’ve got quishing,” Lee said. “Which is where a QR code uses, you use a QR code to have your information compromised.”
Lee said they’ve received reports of quishing scams in three states, but he knows it’s going to grow.
“It’s really easy to just walk up if you’re a bad guy, walk up, put a fake QR code on that parking meter, cover up the real one, and the money goes to you instead of to the city,” Lee explained. “And then you get a parking ticket. That’s how you find out it’s happened is when you get the parking ticket.”
Lee shared several tips for consumers to protect themselves from quishing scams:
- Before opening a QR code, make sure there aren’t additional layers of stickers on the code.
- In restaurants or stores ask the server to a code before using it.
- In parking lots, make sure the code takes you to a legitimate website for the parking company before sending payment.
Lee also said businesses should be mindful of bad actors using their QR codes to trick customers.
“It’s not only the responsibility of the person who’s going to park there to check and make sure that that’s real,” he noted. “Whoever it is that is offering the QR code, they have to be diligent.”
The Federal Trade Commission (FTC) has additional tips to avoid the scam:
- Beware of QR codes in an unexpected places and inspect the URL before you open it.
- Don’t scan a QR code from an unexpected email or text message, especially if it urges quick action.
- Protect phones against hackers by updating online s with strong s and multi-factor authentication.
Copyright 2024 Gray Media Group, Inc. All rights reserved.
