There are many techniques with which they can steal your data and passwords. Hackers are constantly refining attacks and adapting to change as well. Surely you have ever used your mobile to read a QR code . For example, in a restaurant menu, in a monument that you are visiting or even for the Wi-Fi password. The problem is that this can be dangerous. It is what is known as Quishing . We are going to explain what it is and how to avoid problems.
They use QR codes to steal passwords
Cybercriminals are using a different phishing technique than usual and it is none other than QR codes. The strategy is the same as always: make the victim enter a page, in this case through this type of code. Once inside, they can steal passwords, sneak in malware, or cause you to expose sensitive information.
This is known as quishing. It’s nothing new, as it’s something hackers have been doing for a while, but it’s something that’s increasing a lot. It is logical to see this increase, since we are more used to using our mobile phones and scanning a QR code that we find anywhere, such as a bar.
What are they doing? Well, just like in traditional Phishing, they are able to create a web page that looks real, they do the same with QR codes. In this case they create a QR code that they place somewhere where the original could be. We return to the examples of a restaurant, a museum, etc. Sites where the victim can scan it to find information.
That fake QR code can lead us to any web page created by the attackers. They could ask you to log in to mail, Facebook or whatever. Those data and passwords can end up in the hands of attackers. They might even make you download a program that is actually a virus.
How to Avoid Quishing Attacks
So what should we do to avoid attacks via fake QR codes or Quishing? Undoubtedly the most important thing is common sense . You must check very well where you are entering. It is important that you see that the URL is official and it is not a trap. Also in case you have to download a file, be careful and see that it really is the correct one. You can always see if a website has Phishing.
It is also interesting to have security programs . If by mistake you have downloaded a file through a QR code and it turns out to be a virus, having a good antivirus installed can help you eliminate it. This will prevent them from stealing your passwords or putting your personal data at risk without realizing it.
On the other hand, having the device updated is also good. If you have a vulnerability, an attacker could exploit it if you enter through a fake QR code. Keeping everything up-to-date will help you also correct bugs of different types and prevent them from being taken advantage of.
In short, as you can see, Phishing is a major security problem. Quishing or fake QR codes is something that is increasing a lot lately. It is essential that you remain safe and do not make mistakes.