What is Quishing?
Quishing, or QR phishing, is a cybersecurity threat in which attackers use QR codes to redirect victims to malicious websites or prompt them to download harmful content. The goal of this attack is to steal sensitive information, such as passwords, financial data, or personally identifiable information (PII), and use that information for other purposes, such as identity theft, financial fraud, or ransomware.
This type of phishing often bypasses conventional defenses like secure email gateways. Notably, QR codes in emails are perceived by many secure email gateways as meaningless images, making users vulnerable to specific forms of phishing attacks. QR codes can also be presented to intended victims in several other ways.
What are QR codes?
QR codes, or Quick Response codes, are two-dimensional barcodes that can be scanned easily with a camera or a code reader application. The main component of a QR code is data storage. QR codes can store significant amounts of information including URLs, product details, or contact information. Scanning technology allows smartphone cameras or code readers to easily and quickly access the website to which the URL points.
How does Quishing work?
In a Quishing Attack, the attackers create a QR code and link it to a malicious website. Typically, the attacker will embed the QR code in phishing emails, social media, printed flyers, or physical objects, and use social engineering techniques to entice the victims. For example, victims might receive an email urging them to access an encrypted voice message via a QR code for a chance to win a cash prize.
Upon using their phones to scan the QR code, victims are directed to the malicious site. The site may prompt victims to enter private information, such as login information, financial details, or personal information. In the example above, the site may request the user’s name, email, address, date of birth, or account login information.
Once this sensitive information is captured, attackers can exploit it for various malicious purposes, including identity theft, financial fraud, or ransomware.
How can end-users prevent Quishing?
Make sure to verify the URL associated with the code, and refrain from submitting personal information, making payments, or downloading anything from a site assessed through a QR code. By adopting these practices, individuals can reduce the risk of falling victim to quishing attacks.
If you'd like more information and to see where this information was retrieved from, please visit https://www.cloudflare.com/learning/security/what-is-quishing/