:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/EPD6SCOKPZEHLCNIRLW2BBP2JI.jpg)
First, it is essential to understand what a QR code is. The acronym QR stands for ‘Quick Response’, which means ‘Quick Response’ in English. According to Kaspersky, QR codes are an evolution of traditional barcodes designed to store digitized information that can be quickly read using a QR reader. Compared to traditional barcodes, QR codes can store more data, are less error-prone, and are easily read from devices such as smartphones.
Despite their advantages and widespread adoption in various industries, QR codes have also been exploited by malicious actors to commit cyber scams. Trade spoke with Fabiana RamÃrez Cuenca, a computer security specialist at ESET Latin America, to explore a type of fraud known as quishing. Quishing is a combination of the words ‘QR’ and ‘phishing’ and involves using QR codes for scams similar to phishing. Cybercriminals use QR codes to redirect users to fraudulent web pages or download malicious software onto victims’ devices.
The difference between quishing and phishing is that with QR codes, users cannot see the link to which they are redirected, making it harder to detect potential threats. Fraudulent QR codes can be found in both digital and physical contexts, distributed in various ways to trick users into sharing personal information or falling victim to financial fraud. Cases of fraudulent QR codes include users being directed to fake websites that mimic legitimate platforms and inadvertently disclosing sensitive information.
To avoid falling prey to quishing attacks, users must adopt security measures and follow practices recommended by cybersecurity experts like ESET. Some warning signs of a potential cyber threat include checking the origin of the QR code, especially if it arrives through unsolicited messages or offers tempting promotions. With the increasing popularity of QR codes in various applications, users must remain vigilant and cautious when scanning QR codes to protect their personal information and financial assets from cybercriminals.