PLDT and Smart warn against scanning QR codes from dubious entities, usually sent through emails or messaging platforms. The group says this could be a form of ‘quishing’.
Not to be confused with phishing and smishing, quishing is a new form of online scams that makes use of a malicious QR code that when scanned, directs unsuspecting victims to a fake version of a legitimate website, and lures them into giving up sensitive information like login credentials.
The use of QR codes for financial transactions has proven useful during the COVID-19 pandemic after the government required merchants to shift to electronic payment amid health-related restrictions.
How to protect yourself against quishing
So, how do you protect yourself against quishing? PLDT and Smart advise to only scan QR codes that come from trusted sources or known senders.
Before clicking a link, check the destination first. If it seems dubious, best not to visit it. Watch out for advertising materials that have been tampered with as well.
Other than QR codes, criminals also run ‘smishing’ or fraud over text messages and ‘vishing’ or voice calls to deceive their victims. These are different forms of social engineering or the use of deception to trick a person into divulging private or sensitive information that may be used for criminal activities.
The group also warns against persons asking for your PIN (personal identification number), security code, or OTPs (one-time passwords).
Remember, cybercriminals are more active now than ever. They are constantly finding ways to hack the system to scam whomever they can, so it’s important to stay vigilant and keep your guards up.
Image Credit: Unsplash