Beware! Recognize the 'Quishing' Crime Mode and Avoid It
Beware of 'Quishing' Digital Crime - The digital technology advancement is susceptible to the rise of cybercrime methods. One of the latest prevalent modes is quishing.
The 'quishing' crime mode combines phishing techniques with Quick Response (QR) technology for electronic payments. The goal of quishing is to steal personal, financial, or user credential information such as user IDs, passwords, PINs, and OTPs.
Arga M. Nugraha, the Director of Digital and Information Technology at PT Bank Rakyat Indonesia (Persero) Tbk or BRI, explains that there are several common methods of quishing used by criminals.
"The modes include manipulating QR codes with target links leading to phishing sites, and QR codes that insert malicious intent applications or malware injection," he said in his official release on Sunday (28/1/2024).
He added that quishing is an act of fraud and crime that can cause losses for both banks and the public. He also urges customers to maintain the confidentiality of their data and be cautious in accepting messages.
So, how to avoid the cybercrime mode of quishing?
Here are the steps to avoid quishing, especially related to electronic payments.
1. Verify the QR code
Make sure the QR code comes from an official source with the name or identity of the merchant listed on the application according to the desired payment destination.
If still unsure, always confirm directly with the merchant regarding the merchant's name and financial service institutions listed on the QRIS display.
2. Check transaction information
For payment transactions, check all the information displayed on the device before confirming the payment.
Customers need to pay attention to the information that appears when scanning the barcode, from the payment amount to transaction details that match the actual ones.
3. Avoid sharing sensitive information
Use secure transaction channels to keep personal information protected when transacting using QRIS.
In addition, customers are advised not to share usernames, passwords, OTP codes, PINs, and other sensitive data via phone, text messages, email, or other media.
4. Update banking applications
Ensure that banking applications, digital wallets, and device security are always up-to-date.
5. Report suspicious activities
If you see suspicious activities, immediately report them to the customer service of financial institutions related to transactions using QRIS.
These are the definition of quishing and steps to avoid it, especially concerning electronic payments.
