In the ever-evolving world of cyber threats, another contender has emerged: Quishing. Combining elements of phishing and QR code exploitation, quishing is a growing concern for individuals and organizations alike. At GVSU, staying informed about these threats is vital to protecting our community's data and resources. 

What is Quishing? 
Quishing is a cyberattack that uses malicious QR codes to deceive individuals into divulging sensitive information or downloading harmful software. These QR codes often appear in emails, flyers, or even physical locations, enticing the user to scan them with promises of convenience or rewards. Once scanned, they redirect the victim to fake websites or trigger downloads that compromise security.

How Does Quishing Work? 

1. The Hook: Cybercriminals embed malicious QR codes in emails, posters, or signs that appear legitimate. Examples include a gift card promotion or an “important policy update” from a trusted source. 
2. The Attack: When the QR code is scanned, it leads to phishing sites that mimic legitimate ones or prompt a malware download.
3. The Impact: Users may unknowingly provide login credentials, financial information, or access to sensitive systems. 
    

Protect Yourself from Qushing: 
To safeguard your data and university resources, follow these best practices:

• Scrutinize the Source: Before scanning a QR code, verify its legitimacy. Is it from a trusted source? Were you expecting it?
• Hover Over Links: If the QR code leads to a URL, review the address carefully before taking further action. Most smartphones display the URL after scanning but before proceeding.
• Be Wary of Urgency: Cybercriminals often create a sense of urgency to pressure victims into quick action. Pause and evaluate the request.
• Use a QR Scanner with Security Features: Some scanner apps and built-in smartphone features can warn you about suspicious links.
• Educate and Report: If you encounter a suspicious QR code on campus, notify IT Services immediately. Reporting helps keep our community safe.