navigate_nextSecurity Tipsnavigate_nextPersonal Security Awareness on How to Avoid and Prevent Phishing Scams via QR Codes

Personal Security Awareness on How to Avoid and Prevent Phishing Scams via QR Codes

About QR Code

• QR codes are two-dimensional barcodes that can store information and are commonly used for accessing websites, product details or promotions.
• Scan using a smartphone or QR code reader, making it convenient and widely used in various industries.

Understanding Quishing / QRshing (QR code-based phishing)

• Quishing / QRshing refers to the fraudulent use of QR codes to trick users into gaining unauthorized access or stealing sensitive user information.
• Scammers can create fake QR codes that lead to fraudulent websites to copy viruses or steal users' personal data without the user's knowledge.

Types of Quishing / QRshing Attacks

1. Quishing / QRshing leading to bad website:
• Scammers create fake websites with fake QR codes that look trustworthy.
• Users who scan these codes are redirected to these malicious websites where user data may be stolen or modified.
2. Quishing / QRshing that leads to Malware downloads:
• QR codes can be used to trick users into downloading malicious programs or files.
• Once the QR code is scanned, it will trigger downloads that could endanger users' devices or compromise their privacy.
3. Social Engineering Quishing / QRshing:
• Scammers can distribute physical or digital material with QR codes that lead to fake surveys, rewards or other attractive offers.
• These scams are intended to collect personal information or organize users to take specific actions for malicious purposes.

How to identify suspicious QR codes

• Look for signs such as: Some smartphones or QR code readers have the ability to display a warning or alert if the code looks suspicious or linked to a fraudulent attempt.
• Source Verification: Pay attention to the source from which the code is obtained - a clear source, such as a trusted website or authorized physical material, is generally safer.

Best practices to protect yourself from Quishing / QRshing

• Use a reliable QR code reader: Research and download a reliable QR code scanner.
• Be careful: Be careful when scanning QR codes from unknown or unreliable sources, especially in public places.
• Look for suspicious points before scanning: Before scanning, check the QR code for any bad signals, such as blurred, misplaced, or added stickers.

Perform a safe scan

• Keep your device apps up to date: Update your smartphone operating system and QR code reader regularly for security.
• Use the security features of your scanner: Some QR code scanners offer additional security measures such as URL scanning and anti-virus protection.
• Report a suspicious code: If you come across a QR code that seems suspicious, report it to the Information Security Operations Office.