Have you heard "quishing?" It’s when cyber criminals trick you into scanning a fake QR code. It then takes you to a fake website that may look legitimate.
QR codes can pop up anywhere in public, but now they’re getting more specific, targeting your inbox.
Ken Colburn of Data Doctors said a QR code is nothing more than a way to generate a web link.
It's why cybercriminals are using QR codes as a sneaky scam to steal your information.
Colburn says they have seen an uptick in these emails with QR codes.
Now, you might wonder: why would somebody email me a QR code? Colburn says there’s a simple reason.
“QR codes bypass the security in email systems that can check links because it looks like a graphic,” he said.
Colburn added that a QR code is not going to be treated the same way a link is treated by the automated security that’s set up in your email system.
Cyber crooks know this.
“So, it’s just a clever way of getting past the security,” said Colburn.
Scammers hope you will use your phone to scan the QR code that’s located in the email sent to you.
It’s a trick that’s so convincing that even tech expert Colburn says he almost fell victim.
“I got one that I thought was real, that made it look like it was time for me to update my benefits enrollments.”
Colburn said the email looked like a legitimate email from his benefits provider, but he also said the QR code inside the email should have been the tip-off that something was fishy.
Before you scan or click on anything in the email, Colburn says ask yourself: “‘Why does this email have a QR code?’ It doesn’t make sense,” explains Colburn. “The lesson here for everyone is that if you see a QR code in an email you should be immediately suspicious.”
Remember, anybody can make a QR code in two seconds — dozens of online tools can create a QR code to direct you to a web link.
Protect your information and be cautious when opening or scanning emails with QR codes.
“Everyone out there needs to add that to their red flag list,” said Colburn.
