News Desk
The News Desk provides timely and factual coverage of national and international events, with an emphasis on accuracy and clarity.
Unlike traditional phishing emails, 'Quishing' relies on physical deception.
Shutterstock
The Dubai Cyber Security Center has issued a warning to residents about a fast-spreading cyber threat known as “Quishing,” a form of phishing that uses fake QR codes to steal personal and financial information.
According to Gulf News, officials said these scams are increasingly appearing in public places across the UAE, disguised as ordinary QR codes for parking payments, free Wi-Fi access, or promotional offers.
How the scam works
Unlike traditional phishing emails, “Quishing” relies on physical deception. Cybercriminals place a sticker containing a fake QR code over a legitimate one — often found on parking meters, café windows, or promotional posters.
When scanned, the code redirects the user’s phone to a fraudulent website designed to look authentic. Victims are then tricked into entering personal details, login credentials, or bank card numbers, which are immediately stolen.
“It’s a clever and dangerous trick because people trust QR codes and use them every day without thinking,” the Dubai Cyber Security Center said in its advisory.
Common target areas
Authorities said scammers typically target locations where people act quickly and without much scrutiny.
Residents are urged to be extra cautious when scanning QR codes found on:
Free Wi-Fi posters: These may redirect users to fake login pages to capture passwords.
Advertisements and promotions: Offers that promise discounts or free services might request a small “processing fee” to steal credit card data.
How to protect yourself
The Dubai Cyber Security Center and police authorities advised the public to follow a few simple steps to stay safe:
Inspect before you scan: Check if the QR code looks like a sticker or appears tampered with. If so, don’t scan it.
Verify the website: After scanning, check the web address carefully before entering any details. Watch for spelling mistakes or unusual domain endings.
Use official apps: For payments or government services, always use verified apps or official websites rather than public QR codes.
Keep devices secure: Ensure your smartphone has up-to-date antivirus or security software that can block suspicious links.
Authorities said awareness is key to avoiding these scams. QR codes have become a common part of daily life, but criminals are exploiting that trust for financial gain.
“Not every QR code leads where you expect,” the center warned. “Stay alert, scan smart, and protect your data.”
Comments
See what people are discussing