Quishing is a type of phishing attack in which a threat actor uses a QR code to manipulate users, typically by redirecting them to a website that either downloads malware or solicits their sensitive information.
Always double-check the source of the QR code before scanning it. If you receive a QR code via email, messaging apps, or from an unknown source, be cautious. Only scan QR codes from trusted and reputable sources.
Before visiting any website linked by the QR code, inspect the URL. Check for misspellings or variations that may indicate a phishing attempt. If the URL looks suspicious, avoid scanning the QR code.
Consider using QR codes as a part of two-factor authentication (2FA) systems. This adds an extra layer of security and helps ensure that the QR codes are generated by a trusted authentication system.
If you encounter a QR code that appears suspicious, report it to the relevant authorities or the platform where you encountered it. Reporting helps prevent others from falling victim to the same phishing attempt.