A new phishing technique that abuses QR codes has grown in popularity following the boom in their use, which we now see in many places. It is known as QRishing, and here we explain what it consists of.
With QR codes steadily gaining popularity and use, appearing more and more often on restaurant menus, electric scooter rentals and PDF documents, it seems only logical that they also attract new hacks and theft of private data.
To put this in context, QR codes are those square images made up of a pattern of black and white marks that we see in newspapers, restaurant menus, brochures, on the Internet, etc. When scanned, they redirect us to a website, save contacts or open applications. Typically, a QR code stores a URL and other related information.
Just remember the QR code shown as an advertisement on American television for a minute during the 2022 Super Bowl, which simply redirected users to the official website of Coinbase, who paid $16 million.
Everyone scanned it without a second thought, bringing the website down immediately. What would have happened if someone had hacked that code with malicious intent?
So, the next time you see a QR code and are tempted to scan it, beware. By now, we have all heard of phishing, known someone who has been affected, or been affected ourselves by a phishing attempt or one of its variants.
But if that wasn’t enough to worry you, we now have a new actor in the story, QRishing, also known as quishing, which affects those who read one of these codes with their smartphone.
What is QRishing?
QRishing is the simple way some people take advantage of a QR code to steal private information, install malicious software on a device, or direct a person to an unsafe website with malicious intent. QRishing is what we all know as phishing, but carried out with QR codes.
For example, the attacker can leave pamphlets at a bus stop or on restaurant tables, or even send the code by email. When a person scans the QR code with their mobile phone, thinking it is something interesting to consult or a menu, a URL, an image or a map with directions to a place, among other things, will be displayed.
From here, the scammers rely on their technical skills to trick victims into sharing sensitive data. They know exactly which techniques to use to get your attention and make you fall for it.
Unlike with hyperlinks, hovering over a QR code does not show the destination URL, so it is easy for a scammer to tell a potential victim to scan a QR code for a chance to win something, for instance.
How does this new scam work and for what purpose?
It goes without saying that not everyone would scan a random QR code without an incentive or reason to do so. This is why cybercriminals often find flashy ways to arouse people's interest. And the reason people believe the code is authentic is the place where it has been placed.
They usually act by taking, for example, an apparently reliable brochure, such as that of an institution or company, and changing the QR code while keeping all the details and design that make it look real. The objective of these attacks can range from the theft of personal information to advertising or financial fraud.
They also often use mass messaging via WhatsApp, with a code that they know will be shared, or emails.
This last case is usually part of the well-known email phishing methods. Unlike the shortened hyperlinks we've already seen, hovering your phone over a QR code doesn't display the destination URL, so it's easy for a scammer to tell a potential victim to scan it for whatever reason.
For example, attackers usually distribute ads offering discounts at Amazon or other well-known companies to those who scan the provided QR codes. This type of scam is based not on curiosity or the need for information, but on the search for savings.
How to avoid QRishing
Scanning and reading a QR code mainly requires two things: a camera and a browser to access the information in the QR code. Being so simple means that it is also easy to avoid being a victim.
On the one hand, it is recommended to take a look at where the QR code is placed. Why? Because many come in some kind of plastic or glass case onto which the fake code is inserted.
Specialists claim that attackers can replace QR codes of well-known companies by placing a sticker on top of their banners or by replacing entire banners or brochures with their own reprints.
On the other hand, as with other types of online scams, avoid opening a shortened URL. In relation to this, be careful before entering your credentials. Make sure the web address, if not shortened, starts with 'https://'.
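The two checks above (shortened URL, 'https://' prefix) applied to the text decoded from a QR code before it is opened, shown as an added example that is not part of the original article. The function name, the sample payloads in the test data and the shortener list are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample list of URL-shortening services (assumption: extend it locally).
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "is.gd", "ow.ly", "goo.gl"}


def triage_qr_payload(payload: str) -> dict:
    """Classify text decoded from a QR code and list reasons to distrust it."""
    text = payload.strip()
    findings = []

    # A QR code can carry a contact card instead of a web address.
    if text.upper().startswith(("BEGIN:VCARD", "MECARD:")):
        return {"kind": "contact", "host": None, "findings": findings}

    try:
        parts = urlsplit(text)
    except ValueError:
        return {"kind": "text", "host": None, "findings": ["malformed address"]}

    scheme = parts.scheme.lower()
    if scheme not in ("http", "https"):
        # Schemes such as tel: or mailto: hand the payload to another application.
        if scheme:
            findings.append(f"opens an application via the '{scheme}:' scheme")
        return {"kind": "app-link" if scheme else "text", "host": None,
                "findings": findings}

    # Surface the destination host, which the printed code itself never shows.
    host = (parts.hostname or "").lower()
    if scheme != "https":
        findings.append("address does not start with https://")
    if host in SHORTENERS or host.removeprefix("www.") in SHORTENERS:
        findings.append("shortened URL hides the real destination")
    return {"kind": "url", "host": host, "findings": findings}
```

An empty findings list only means these two checks passed; 'https://' shows the connection is encrypted, so the reported host still has to match the site you expected.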
Logically, one of the most important tips is to always keep your device's software updated. It is well known that hackers can exploit vulnerabilities in your application software or your phone's operating system without your knowledge.
Of course, do not enter your credentials on any URL that asks for them. QR codes are usually there to provide information, so if you are not 100% sure, avoid entering passwords, emails, names, etc.
With all this in mind, and now knowing that this scam exists, be skeptical of any QR code you see, whether it comes to you via WhatsApp or by email, and especially on the street or in public places. This form of phishing is relatively new, and not many people know about it, which means that anyone can easily fall for it.