QR codes at the moment are a part of on a regular basis life. Whether or not you’re paying for parking, viewing a restaurant menu, or monitoring a parcel, they provide fast and handy entry to digital providers. However behind that comfort lies a rising cyber menace that’s catching out 1000’s of individuals yearly.
In 2025, so-called quishing scams have surged, with cyber criminals more and more utilizing pretend QR codes to steal private and monetary info.
What’s quishing?
Quishing is a sort of phishing assault that makes use of QR codes to trick folks into visiting malicious web sites. As soon as scanned, these pretend codes can lead customers to fraudulent pages the place they’re requested to enter delicate particulars comparable to financial institution info, passwords and even obtain rogue apps.
Victims typically assume they’re doing one thing easy, like paying for parking or viewing a menu. However as an alternative, they could be giving criminals entry to their information and even their financial institution accounts.
The sharp rise in QR code scams
The UK’s nationwide fraud reporting service, Motion Fraud, obtained almost 1,400 experiences of quishing in 2024 alone. That’s a large bounce from simply 100 in 2019. And specialists warn the true quantity is probably going a lot increased attributable to under-reporting.
Organised crime teams are closely concerned in these scams. Criminals are focusing on high-traffic areas like automotive parks, eating places and public areas by sticking pretend QR codes over authentic signage. These codes are sometimes designed to look similar to the unique, making them troublesome to detect.
One instance comes from Castleford, West Yorkshire, the place a person scanned a QR code at an area council-run automotive park. It redirected him to obtain an unauthorised app, and whereas it appeared like he was paying 90p for parking, he was truly subscribing to a £39 yearly service with no refund choices.
These scams are sometimes dismissed by authorities because of the comparatively small sums concerned, however when scaled throughout 1000’s of victims, the monetary influence is critical. Worse nonetheless, many of those assaults are simply step one in a bigger fraud try.
Why companies must be paying consideration
Whereas customers are the direct victims in most of those circumstances, companies can simply change into a part of the issue in the event that they use QR codes in customer-facing environments with out the suitable checks in place.
The dangers embody information theft, lack of buyer belief, cost fraud, reputational harm and even compliance breaches. For mid-sized companies that rely on digital instruments and cellular workforces, quishing presents a severe and infrequently ignored threat.
Recognizing the pink flags
Quishing assaults are designed to mix in, however there are indicators to observe for:
- QR code stickers that look misplaced or poorly hooked up
- URLs that appear unusual or comprise misspellings after scanning
- Requests to obtain apps exterior of trusted app shops
- Uncommon requests for cost or verification particulars
What you are able to do to guard your online business
There are sensible steps you’ll be able to take to defend towards these assaults:
- Prepare your workers to recognise QR scams and suspicious behaviour
- Commonly examine signage and printed supplies for indicators of tampering
- Keep away from linking to third-party QR instruments with out correct vetting
- Use cellular gadget administration (MDM) to regulate what workers can set up
- Implement net filtering instruments to dam malicious websites
How Neuways may help
At Neuways, we work intently with companies to strengthen their cyber defences towards each well-known and rising threats like quishing.
Whether or not you employ QR codes internally or in public areas, we may help assess your present threat, implement secure utilization insurance policies, and prepare your groups to remain alert. Our safety options embody endpoint safety, menace detection, and common audits to verify nothing slips by way of the cracks.
If you happen to’re involved about how new threats like this might influence your online business, our specialists are right here to assist. We provide tailor-made cyber safety assist for medium-sized organisations trying to keep safe in a altering digital panorama.
Get in contact in the present day to learn the way Neuways may help shield your online business from fashionable cyber threats.
