Monday 28 November 2022

What is QRishing, the new modality of cyber fraud?

Do you scan every QR code you see? This clever phishing scam might make you think twice...

Paying the bills


La Sele maintains World Cup dream alive!

QCOSTARICA - Costa Rica's 1-0 win over Japan early...

Five Steps to Receiving a Business Loan

A business loan is a regular procedure for any...

Pandemic Has Led to ‘Silent Crisis’ in Education in Latin America, Caribbean

Q REPORTS (Reuters) Santiago, Chile — The social and...

Why Canada wants 1.5 million immigrants by 2025

Q REPORTS (BBC Mundo) Canada is betting on immigration...

Children’s Hospital reported this week occupancy of up to 120% due to respiratory viruses

QCOSTARICA - The Hospital Nacional de Niños (HNN) -...

Costa Rica officially celebrated Thanksgiving Day for the first time

QCOSTARICA - For the first time and officially, Costa...

Immigration detains three people for depriving domestic workers of their liberty

QCOSTARICA - Costa Rica's immigration police detained two women...

Dollar Exchange

¢599.50 Buy

¢606.96 Sell

26 November 2022 - At The Banks - BCCR

Paying the bills


QCOSTARICA – Do you scan every QR code you see? This clever phishing scam might make you think twice due to QRishing, a form of phishing attack where hackers exploit QR codes to steal private information, install malicious software on a device, or direct a person to an unsafe website.

QRishing exploits the tendencies of phone users to scan QR codes out of curiosity, boredom, or necessity

QRishing is one of the fraud modalities taking advantage of soccer fans in the framework of the World Cup in Qatar 2022.

This form of attack consists of implanting false codes and when the user scans it, they are directed to an illusory website that asks for their credentials; In this way, cyberattackers steal payment data, duplicate cards or supplant the identity of the victims.

- Advertisement -

“Cyber attacks are constantly evolving and there are more and more ways in which we receive fraudulent notifications, for this reason, it is important that people understand that no one is exempt from being a victim of QRishing or any other form of theft. It is essential to be informed of these trends to know how to proceed and not fall into cybercrime” said Joey Milgram, manager of Secure Solutions in Costa Rica.

So how do these attacks work? How can you avoid falling victim to a QRishing attack?

The website explains QRishing exploits the tendencies of phone users to scan QR codes out of curiosity, boredom, or necessity. For instance, the attacker may leave flyers at a bus stop or on tables at restaurants or coffee shops. When a person scans the QR code with their phone, thinking it’s an ad or menu, it displays a URL, an image, or a map with directions to a location, among other things.

From here on, scammers rely on social engineering (the act of manipulating people to steal private information from them) to trick victims into sharing sensitive information. Hackers may also exploit vulnerabilities like WebKit bugs in a browser to take over the victim’s device.

Of course, not everyone would scan a random QR code without an incentive or a caption explaining what they can expect to see.  Or do they? So cybercriminals often find another way to get people interested.

How to Avoid QRishing

Scanning and reading a QR code mostly requires two things: a camera and a browser to follow the information in the QR code. As it’s so simple, that means it’s simple to avoid falling victim too.

Here’s how:

  • Block camera access on your phone
  • Disable automatically opening links when scanning a QR code
  • Keep your phone software updated
  • Avoid sharing sensitive information online
  • Think before you scan
  • Do not trust spam emails
- Advertisement -

If the QR code leads to a page that asks for personal information, especially passwords or data related to payment methods, it is important to stop and think for a moment if the context requires it.

On the good side, QRishing is less common than other types of phishing because an attacker would need to invest some effort into distributing the malicious QR code.

However, this form of phishing is relatively new, and not many people know about it, which means people can easily fall for it. Cybercriminals who carry out these attacks have everything to gain and nothing to lose.


- Advertisement -
Paying the bills
Avatar photo
"Rico" is the crazy mind behind the Q media websites, a series of online magazines where everything is Q! In these times of new normal, stay at home. Stay safe. Stay healthy.

Related Articles

Seniors targeted by cybercriminals

QCOSTARICA - Cybercrime does not forgive social rank or age and...

BAC reports a new scam attempt targeting its customers

QCOSTARICA - BAC Credomatic customers are being targeted with a new...

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.