The Rise of Quishing
As QR codes become ubiquitous, cybercriminals have adapted. "Quishing" (QR phishing) involves placing malicious QR codes over legitimate ones (e.g., on parking meters) to steal payment info.
1. Inspect the Physical Code
Before scanning a code in public, check if it's a sticker placed over an original code. If you can peel it off, do not scan it.
2. Preview the URL
Modern smartphones will preview the URL before actually opening the browser. Always read the URL carefully. If it looks like a random string of characters or a misspelled brand name, cancel the scan.
3. Beware of Unsolicited Codes
Do not scan QR codes that arrive randomly in your email or via SMS, especially if they urge immediate action regarding your bank account.
4. Use Built-in Scanners
Avoid downloading third-party "QR Scanner" apps. They are often riddled with ads and malware. Stick to the native camera app on your iOS or Android device.