- The phishing QR, also known as Quisling, is a rising scam where attackers try to encourage you to scan false QR codes
- Cybercriminals may target your personal data, connect identification information, bank accounts or try to infect your smartphone by malware
- These QR codes can be found everywhere, from parking lots to museums
You might be used to receiving emails or SMS at the scam, but did you know that you can also be scammed via a QR code? This form of the increasingly common scam is called Quishing – and it is quickly spread again recently.
According to CNBC73% of Americans scanned a QR code without verifying that the source link was safe, and NordVPN discovered that 26 million were directed to malicious websites.
Meanwhile, in the United Kingdom, Action Fraud (the National Reporting Center for Fraud and Cybercrime) recently revealed that 3.5 million pounds sterling had been lost against scams in the year preceding 2025.
These QR Scam codes are used for everything, from sending false payment links to the installation of malware on your phone. Here is everything you need to know about the latest quay attacks and how to protect yourself.
What exactly is the quay?
The session is a form of phishing that is fully done via a QR code. Although he was not as widespread a few years ago, he skyrocketed during the pandemic, when the QR codes have become more than a small funny oddity.
In recent years, QR codes have permeated the fabric of our daily life. We see them everywhere, from television advertisements to restaurant menus or leaflets. Unfortunately, QR codes are intrinsically opaque. It is difficult to check how secure a link is at a glance, which makes these codes easy to falsify.
The way it works is shocking. Whether the qr code of the scam appears in an email or elsewhere, it is always accompanied by something that will lead you to scan it. Payment prompts, medical forms or products on products are common targets. When you analyze the code and click on, you will be taken to the next part of the scam, which is either a website or a script that installs malware on your phone.
Unfortunately, if the code has been falsified, the target website is a scam. At best, it will also fly that you are trying to pay for parking; At worst, this could compromise your phone or your bank connection identification information.
Are QR codes in public places sure to use?
Although QR codes found in restaurants or museums seem to be a safe bet, this is not always the case either.
Unlike phishing emails, QR codes have a strong real impact. It is too simple for threatening actors to fascinate the legitimate codes found in public spaces. That said, the threat is much greater in open public spaces, rather than in interior spaces.
For example, in a parking lot, the crooks physically replace the sticker in the parking lot, director people to a legitimate website where they can pay their parking bill. The same can be done with posters or leaflets found almost anywhere.
It is important to remember that it is not a niche, and it can happen to anyone. Keepnet Labs have found that QR codes are an increasingly common support to send phishing links, with 26% of all the malicious links delivered in this way.
How to stay safe
Quisling, just like all other forms of scam, is based on the creation of a feeling of emergency. Whether it is an exciting offer or a payment reminder seriously, seduction crooks want you to scan the code and that you do without asking questions. This is why the best way to stay safe is to be vigilant and take your time.
Let’s say that you have received a QR code integrated into an email that tells you to secure your account, activate multi-factor authentication or obtain a reduction code. Do not trust him right away – it could be a scam. Even an e-mail address of legitimate appearance may not mean that you are clear, because the crooks can divert accounts to send these QR codes.
To stay safe, take no unexpected email at its nominal value. If a service tells you that your account has been compromised, do not digitize codes in this email. Instead, go to the website or the application directly and modify your connection identification information, without interacting with the content of the email.
Faced with QR codes in places where they could have been falsified, it is better to take your time rather than scan the code quickly. In a parking lot, do not scan the code – go directly to the address. Only the QR codes which are physically impossible to replace for the crooks are safe.
If you analyze a QR code, make sure you never provide personal information or connection connections. It is always better to be mistaken on the side of prudence. Before following the link to any website, look at it carefully and compare it to what you know as the real deal.
QR codes certainly make our lives easier, but unfortunately, the more they are widespread, the more they must be targeted by crooks. It is never a bad idea to invest in one of the Best Android antivirus applications To protect your phone from pirates.
