Mastodawn

📢 Quishing via QR codes stylisés : Deakin University propose ALFA pour bloquer les scans malveillants
📝 Selon Help Net Security (15 janvier 2026), des chercheurs de Deakin University ont étudié l’usage de **QR...
📖 cyberveille : https://cyberveille.ch/posts/2026-01-16-quishing-via-qr-codes-stylises-deakin-university-propose-alfa-pour-bloquer-les-scans-malveillants/
🌐 source : https://www.helpnetsecurity.com/2026/01/15/fancy-qr-codes-phishing-risk/
#QR_codes #TTP #Cyberveille

Quishing via QR codes stylisés : Deakin University propose ALFA pour bloquer les scans malveillants

Selon Help Net Security (15 janvier 2026), des chercheurs de Deakin University ont étudié l’usage de QR codes stylisés (couleurs, formes, logos, images de fond) dans les attaques de quishing et présentent une méthode de détection centrée sur la structure du code plutôt que sur l’URL embarquée. Les QR codes masquent leur destination jusqu’au scan, ce qui contourne les passerelles e-mail qui inspectent les URL en clair. Les versions « fancy » brouillent en plus les repères visuels (modules arrondis/étirés, recolorés, logos centraux, arrière-plans), conservant une scannabilité élevée tout en perturbant les outils de détection existants.

CyberVeille

83r71n Mar 3, 2025

QR codes, those black-and-white squares you scan with your phone, are becoming a new tool for scammers. This type of scam is called "quishing," a mix of QR codes and phishing. Scammers use fake QR codes to trick people into giving away personal information or downloading harmful software.

Quishing works by placing fake QR codes in public places like parking meters, restaurants, or even on delivery packages. When someone scans the fake code, they are directed to a malicious website that looks real. This website might ask for personal details, like passwords or credit card numbers, or it might download malware onto the user's device.

One common scenario involves scammers putting fake QR codes on parking meters. When people scan these codes to pay for parking, they are redirected to a fake payment site that steals their payment information. Another example is scammers posing as utility companies or government agencies, sending fake QR codes in emails or text messages. Scanning these codes can lead to identity theft or financial loss.

Quishing is effective because people are often less cautious when scanning QR codes compared to clicking on suspicious links. To protect yourself, treat scanning a QR code like clicking on an unknown link.

https://hackread.com/rise-of-qr-phishing-how-scammers-exploit-qr-codes/

#cybersecurity #qr #qr_codes #quishing #phishing #scam #identity_theft