
Smartphone users are now being alerted by the FBI and cybersecurity organizations to a new fraud called “Quishing,” which includes malicious or phony QR codes. Particularly vulnerable are those who often utilize QR codes for logins or payments; some victims have lost thousands of dollars. Here’s what you should know and how to protect yourself.
The FBI and other federal authorities have recently expressed concern over the increase in QR scam attacks, sometimes known as quishing, in which unwanted parcels show up at people’s doorsteps. These packages frequently contain QR codes that, when read by the camera on mobile phones, cause victims to install malware or be redirected to phony websites. Your device may be compromised as a result, and your personal information may be taken.

Online retailers are targeted by Quishing
The most recent worry centers on these frauds that prey on people who frequently transact online. In order to steal your data, attackers are creating QR codes that point to dubious websites. These scams can also compromise your bank accounts and phone, enabling scammers to steal your money, according to the Brandenburg Consumer Advice Centre (VZB).
In one scenario, scammers pose as legitimate customers interested in buying a product. They ask the seller to scan a QR code to start the transaction rather than giving money straight to the seller. By directing the victim to a phony PayPal login screen, this code may fool them into inputting their account information. This strategy is a type of phishing on websites.
With zero-click tactics that don’t involve any user engagement, some attacks are become even more hazardous. Usually, high-profile people like politicians, journalists, attorneys, and activists are the target of these.
Cyber Security Coach Online security specialist Alex East cautions that hackers might post phony QR codes in both public and private areas, such convenience store payment terminals or gas pumps. During normal transactions, these codes have the ability to reroute customers to malicious websites.

Ways to stay safe
VZB recommends users to exercise caution when making digital transactions to prevent becoming victims of QR code frauds. It’s crucial to confirm that the vendor is the one displaying the QR code before paying, as opposed to scanning one that has been supplied by another party. Always look for indications of questionable activity on the website you are sent to, such as misspelled domain names or odd layouts.
Scanning QR codes from unwanted parcels, email attachments, or public places should generally be done with caution as they may direct users to fraudulent websites. It’s even better to stay away from scanning QR codes completely unless you know exactly where they came from.
It’s also strongly advised to strengthen account security using two-factor authentication (2FA), particularly when money is involved. Consider using passkeys, a more secure login option that is already supported by many websites and apps, for even more security.
Security features on both iPhones and Android smartphones, such as warnings for phony websites and fraud detection in calls and messages, can aid in spotting scammers. To get the most protection, make sure these features are turned on.

Google Pixel Watch 4

Google Pixel 9

Samsung Galaxy Watch 8
Keep Reading
The Huawei Nova 17 Air is beginning to take shape in leaks, with the latest report pointing to a possible debut window of late November or early December this year. If accurate, it would mark the first Airy-branded model in the Nova lineup. Weibo leaker SuperDimensional reported that the Huawei Nova 17 Air, also referred […]

Early Geekbench results for the Snapdragon 6 Gen 5 show almost no CPU improvement over the Snapdragon 6 Gen 4, with the older chip actually edging it out in single-core performance. GPU gains look more promising, sitting around 20%, but raw processing power appears to be largely unchanged. Typically, when a company like Qualcomm releases […]

New software launches rarely go off without a hitch, and Android 17 is proving no different. Shortly after the update rolled out, Pixel owners began reporting connectivity problems — specifically, losing access to 5G entirely after installing the update. Reports surfaced on the Google Pixel subreddit, with multiple users across different device generations describing the […]

Huawei’s next Kirin 5G chipsets for the Mate 90 series are expected to deliver a meaningful performance step up over the 2025 versions, driven by a shift away from Moore’s Law toward Tau’s Scaling Law. According to a new leak, HarmonyOS 7 is being developed with this architectural shift in mind. Weibo leaker @FixedFocus reports […]

The Honor X70 Pro Max has arrived without any formal launch event, slipping onto the market with a focus on durability, battery endurance, and a capable Qualcomm chipset. The phone comes in four color options: Phantom Purple, Sunburst Gold, Bamboo Rhythm Green, and Phantom Night Black. It measures 161.9 x 76.1 x 7.76mm and weighs […]

If Samsung Messages is still the default texting app on a Galaxy phone, July is going to require some attention. The app is being deactivated for US users, and texts, RCS conversations, and message history stored inside it won’t move anywhere on their own. Everything is transitioning to Google Messages – and while the migration […]




Comments & Discussions
Join the conversation! We use Disqus to handle comments. Click the button below to load the comment section.