General

Beware of quishing: The new cyber scam targeting QR code users

By Winnie Onyando
Cyber criminals. PHOTO| PHOTOSFORCLASS

Most people are aware of phishing scams, but few are aware of quishing scams.

Quishing, a hybrid of “QR code” and “phishing”, involves the use of malicious QR codes that, when scanned, redirect users to fraudulent websites designed to steal personal information, install malware or initiate unauthorised transactions. Cybercriminals often place these codes in public places, luring unsuspecting victims with promises of exclusive offers or important information.

Trevor Cooke, privacy expert at EarthWeb, warns: “Quishing is a relatively unknown but rapidly growing problem that exploits QR codes on mobile devices.

While phishing attacks via email or fake websites are well known, quishing takes a different approach by exploiting the trust and convenience of QR codes.

According to a recent intelligence report, quishing attacks are set to grow dramatically, from 0.8% of all email phishing attacks in 2021 to a staggering 10.8% in 2024.

The dangers of quishing are many.

With the widespread use of mobile devices and the perception of QR codes as trustworthy, individuals are more likely to fall victim to these scams.

In addition, quishing incidents can occur in a variety of scenarios, making detection and prevention challenging.

A study conducted between June and August 2023 revealed a significant increase in quishing incidents, with 8,878 cases reported over the three-month period. June saw the peak of this trend, with 5,063 reported cases, indicating a worrying shift in cybercriminal tactics.

As QR code technology continues to proliferate, experts fear that quishing incidents could escalate further in 2024. The predicted growth of QR code payment systems, with global spending expected to exceed $3 trillion by 2025, presents huge opportunities for fraudulent schemes such as quishing.

To protect yourself from quishing scams, the study offers the following tips:
1. Be cautious when scanning QR codes from untrusted sources or in public places.
2. Check the source and purpose of QR codes before scanning.
3. Use reputable QR code scanner applications that can detect potentially malicious links.
4. Keep mobile devices and operating systems up to date with the latest security patches.
5. Be sceptical of unsolicited offers or discounts promised by QR codes.

Read more

Related stories

How Abel, Phil made millions from their latest Sh12 million budget film How Abel, Phil made millions from their latest Sh12 million budget film

Actor and scriptwriter Abel Mutua has revealed how his company Phil-It, co-owned by fellow filmmaker Phillip Karanja, made millions of...
Read more

Wema Sepetu on why not having Diamond's child still hurts Wema Sepetu on why not having Diamond's child still hurts

Famous Tanzanian actress Wema Sepetu has opened up on her old unhealed wounds from her relationship with Bongo Flava star singer Diamond...
Read more

Chimano explains why it's expensive to book Sauti Sol at this time Chimano explains why it's expensive to book Sauti Sol at this time

With the members of Sauti Sol still on their indefinite music hiatus as a band, vocalist Willis Chimano has opened up about the amount of...
Read more

Burna Boy Nairobi show and other big events to look out for in 2025 Burna Boy Nairobi show and other big events to look out for in 2025

Kenya's entertainment industry continues to evolve and transform at a rapid pace. The year 2025 promises a jam-packed calendar of...
Read more

Why Sakaja decided to cancel the Nairobi County Festival 2024 Why Sakaja decided to cancel the Nairobi County Festival 2024

With the year almost coming to an end, the much-anticipated Nairobi County Festival, launched by Nairobi's Governor Johnson Sakaja, two...
Read more