A concerning trend involving QR codes poses a threat to smartphone users, potentially leading to financial losses due to hacking attempts. Referred to as “quishing,” this alert has been highlighted by Action Fraud, indicating a rise in attacks that cost individuals significant amounts annually.
The primary target locations for these fraudulent activities are car parks, where criminals manipulate authentic QR codes on parking machines using counterfeit stickers. Additionally, quishing schemes are observed on online shopping platforms, where sellers are sent QR codes via email for account verification or payment receipt purposes.
Claire Webb, Acting Director of Action Fraud, emphasized the increasing prevalence of QR codes in daily life, warning about cybercriminals leveraging quishing to deceive the public into disclosing personal and financial information. To prevent falling victim to quishing, individuals are advised to scrutinize QR codes before scanning, especially in open spaces, and to be cautious of suspicious emails or texts containing QR codes.
In response to the alert, Action Fraud has issued new guidance, recommending the use of the phone’s built-in QR scanner instead of third-party scanning apps from app stores. Additional safety measures include exercising vigilance when encountering QR codes in emails and verifying their authenticity in public settings to avoid tampered codes.
While QR codes offer convenience, it is essential for users to exercise caution and verify the legitimacy of codes before scanning them on their devices.
