IT Scams – Quishing

IT Scams – Quishing


The word “quishing” may sound all cute and squishy, but quishing is something to take seriously. A combination of the words “QR code” and “phishing,” it means tricking someone into scanning a QR code (Quick Response) using their mobile phone. When scanned, the QR code then takes the user to a bad website that might download a virus or ask for sensitive information.

Here are three things you can do to avoid the dangers of QR code phishing:

  1. Never, ever scan a QR code in received by email from an unfamiliar sender.
  2. Familiarize yourself with the signs of a phishing email – e.g., a sense of urgency, small mistakes in the email and the sender address – and never click on links or scan QR codes if anything “feels off.”
  3. If the QR code takes you to a page that asks for your login credentials, never enter them there. If you think there might be a legitimate concern with a purchase, delivery, or online account, visit the company’s website directly in your browser or call the business by phone.