NEWYou now have the option to listen to articles from Fox News!
QR codes have become a popular method for accessing menus, checking into locations, and making payments. However, cybercriminals are now targeting these convenient and contactless options. There has been a rise in “quishing” attacks, a form of phishing that utilizes QR codes instead of traditional methods like emails or text messages.
These quishing attacks have proven to be effective, with millions of individuals unknowingly accessing malicious websites. Shockingly, 73% of Americans admit to scanning QR codes without verifying the legitimacy of the source. Experts warn that this trend could jeopardize people’s personal information and finances.
The Concerning Increase in Quishing
Security researchers from NordVPN report that fake QR codes have deceived over 26 million people into visiting harmful websites. These codes are often placed inconspicuously, such as on top of payment portals, redirecting unsuspecting users to sites designed to steal personal and financial data. Some even install malware on users’ devices.
Government agencies have also taken note of this threat. The FTC issued a warning earlier this year about cybercriminals attaching malicious QR codes to packages. The New York City Department of Transportation and Hawaii Electric also reported instances of fake QR codes being used to steal payments.
QR Codes: A Growing Security Risk
The original purpose of QR codes was to track auto parts, not to ensure security. Their widespread use has made them attractive to scammers. Unlike traditional phishing methods, QR codes allow cybercriminals to conceal their destination until scanned, eliminating a crucial layer of user scrutiny.
Protecting Yourself from Quishing
1) Verify the Source
Before scanning a QR code, consider its origin. Avoid scanning codes found in public places without questioning their authenticity. Cybercriminals often cover legitimate QR codes with malicious ones to redirect users to fake websites. Always assess the source before scanning.
2) Use Personal Data Removal Services
Consider using a reputable personal data removal service to prevent cybercriminals from collecting information for phishing attempts.
3) Assess the QR Code
Inspect the physical QR code for signs of tampering before scanning it.
4) Scrutinize the Web Link
Double-check the URL after scanning a QR code to ensure it is legitimate before proceeding.
5) Use Strong Antivirus Software
Install reliable antivirus software to detect malicious content hidden in QR codes.
6) Enable Two-Factor Authentication
Activate two-factor authentication on your accounts to add an extra layer of security.
7) Access Websites Directly
Manually navigate to websites instead of scanning QR codes whenever possible.
8) Update Devices
Regularly update your device’s operating system and apps to prevent exploitation of software vulnerabilities.
9) Report Suspicious Activity
If you encounter a fraudulent QR code, report it to the relevant authorities immediately.
Kurt’s Key Takeaways
While QR codes are convenient, the associated risks are becoming more apparent. Stay informed and cautious when using QR codes to protect your personal and financial information.
Do you plan to avoid QR codes or be more cautious in the future? Let us know at Cyberguy.com/Contact.
Sign up for the FREE CyberGuy Report
Receive tech tips, security alerts, and exclusive deals straight to your inbox. Plus, get instant access to the Ultimate Scam Survival Guide when you join CYBERGUY.COM/NEWSLETTER.
Copyright 2025 CyberGuy.com. All rights reserved.
