"Quishing" is a form of cyber attack that uses fake QR codes to lure victims to dark websites or download malware. From there, victims have their sensitive information stolen such as passwords, bank account information, etc. Worldwide, the number of "quishing" scams has skyrocketed from 0.8% in 2022 to 12.4% in 2024 (according to Egress - UK).

According to experts, unlike phishing scams, QR codes do not allow users to check the link address before accessing it, making prevention more difficult.

Therefore, users need to:

- Avoid scanning QR codes from untrusted sources, especially those posted in public places such as gas stations, electric poles, or sent via text messages or emails from unknown sources.

- Check carefully around the QR code for signs of being overwritten.

- Choose QR code scanning applications with security features and malicious link warnings.

- After scanning the QR code, carefully check the URL displayed on the browser. If you find anything unusual, close the browser immediately.

- Make sure your mobile device has security software installed to detect and prevent viruses and malware.

Bkav