Protect your identity: How to spot the latest 'quishing' scam mimicking Centrelink and Medicare
- Replies 27
In the digital age, staying vigilant against scams is a critical part of protecting your personal information. Unfortunately, scammers are constantly devising new methods to deceive individuals.
The latest tactic preying on Australians involves the misuse of quick response (QR) codes—a technology that has become commonplace today, especially since the COVID-19 pandemic.
This new scam, known as 'quishing', is particularly insidious as it impersonates trusted government entities like Centrelink and Medicare.
QR codes, those small square matrices of black and white pixels, have become a convenient way to access menus, check in at venues, and even make payments.
Their ease of use, however, has opened the door for scammers to exploit them for nefarious purposes.
Unlike traditional phishing scams that rely on suspicious links in emails or text messages, quishing (a combination of QR and phishing) uses QR codes to direct victims to fraudulent websites where personal and financial information can be stolen.
Australians have been repeatedly cautioned against clicking on links from suspicious emails or text messages, but QR codes seem to be treated with less caution.
Damien Manuel, an Adjunct Professor of Cyber Security at Deakin University, said: ‘[QR codes have] always been there, but they became hugely popular and everybody started [scanning them] without any second thoughts.’
‘[Scanning a code] may show you an abbreviated version of the link [on your device's screen], and you're more likely to, just out of habit, click on it and go straight through,’ he added.
Scammers in the United States and the United Kingdom have also adopted this fraudulent technique.
They attach QR codes to authentic locations such as parking metres and wait for unsuspecting people to scan them. Once the victim scans the code, the scammers steal the individual's personal information.
Consumer group CHOICE has warned that quishing is likely to be one of the top scams this year.
According to The Australian Competition and Consumer Commission’s (ACCC) Scamwatch, dozens have reported this scam since 2020, with victims losing over $100,000.
Scammers have made attempts to impersonate government agencies such as Medicare and Services Australia.
Scammers may send fake emails to myGov users, asking them to update their information through a QR code that takes them to a phishing website.
Scam emails can sometimes bypass spam filters because they use QR codes instead of including dodgy links in the text.
We want to ensure that our members are well-informed and equipped to spot these scams before falling victim to them. So, how can you protect yourself from quishing?
Firstly, be cautious of unsolicited emails or messages that ask you to scan a QR code, especially if they claim to be from government bodies like Medicare or Services Australia.
Always double-check the URL that the QR code directs you to. Make sure it's a legitimate government or official website and not a clever imitation designed to harvest your personal details.
If you're scanning a QR code in public, take a moment to inspect the code for signs of tampering. It's not uncommon for scammers to place their own QR codes over legitimate ones.
If you suspect that you've encountered a quishing scam, it's important to act quickly.
Contact your bank to halt any transactions and prevent further financial loss.
Report the scam to Scamwatch and make an official complaint to the police.
Be wary of follow-up scams, as Scamwatch has warned that one in three scam victims are targeted more than once.
Lastly, don't hesitate to seek support if you've been affected by a scam.
Financial counsellors like Lifeline offer services to help you cope with stress and potential financial fallout on 13 11 14.
IDCARE is another resource that can assist in reducing the harm caused by the compromise of your identity information.
Looking to stay informed on the latest scams? Check out our article featuring the top five scams to be wary of this year.
Remember, your safety and security are paramount. By staying informed and cautious, you can help protect yourself and your loved ones from these modern-day digital threats.
Do you frequently use QR codes? Let us know in the comments below!
The latest tactic preying on Australians involves the misuse of quick response (QR) codes—a technology that has become commonplace today, especially since the COVID-19 pandemic.
This new scam, known as 'quishing', is particularly insidious as it impersonates trusted government entities like Centrelink and Medicare.
QR codes, those small square matrices of black and white pixels, have become a convenient way to access menus, check in at venues, and even make payments.
Their ease of use, however, has opened the door for scammers to exploit them for nefarious purposes.
Cybercriminals are now using QR codes to target unsuspecting victims. Image source: Freepik
Unlike traditional phishing scams that rely on suspicious links in emails or text messages, quishing (a combination of QR and phishing) uses QR codes to direct victims to fraudulent websites where personal and financial information can be stolen.
Australians have been repeatedly cautioned against clicking on links from suspicious emails or text messages, but QR codes seem to be treated with less caution.
Damien Manuel, an Adjunct Professor of Cyber Security at Deakin University, said: ‘[QR codes have] always been there, but they became hugely popular and everybody started [scanning them] without any second thoughts.’
‘[Scanning a code] may show you an abbreviated version of the link [on your device's screen], and you're more likely to, just out of habit, click on it and go straight through,’ he added.
Scammers in the United States and the United Kingdom have also adopted this fraudulent technique.
They attach QR codes to authentic locations such as parking metres and wait for unsuspecting people to scan them. Once the victim scans the code, the scammers steal the individual's personal information.
Consumer group CHOICE has warned that quishing is likely to be one of the top scams this year.
According to The Australian Competition and Consumer Commission’s (ACCC) Scamwatch, dozens have reported this scam since 2020, with victims losing over $100,000.
Scammers have made attempts to impersonate government agencies such as Medicare and Services Australia.
Cybercriminals send QR codes to direct victims to fraudulent websites. Image source: Services Australia
Scammers may send fake emails to myGov users, asking them to update their information through a QR code that takes them to a phishing website.
Scam emails can sometimes bypass spam filters because they use QR codes instead of including dodgy links in the text.
We want to ensure that our members are well-informed and equipped to spot these scams before falling victim to them. So, how can you protect yourself from quishing?
Firstly, be cautious of unsolicited emails or messages that ask you to scan a QR code, especially if they claim to be from government bodies like Medicare or Services Australia.
Always double-check the URL that the QR code directs you to. Make sure it's a legitimate government or official website and not a clever imitation designed to harvest your personal details.
If you're scanning a QR code in public, take a moment to inspect the code for signs of tampering. It's not uncommon for scammers to place their own QR codes over legitimate ones.
It is recommended to verify that QR codes are not fake or covering legitimate ones. Image source: Facebook
If you suspect that you've encountered a quishing scam, it's important to act quickly.
Contact your bank to halt any transactions and prevent further financial loss.
Report the scam to Scamwatch and make an official complaint to the police.
Be wary of follow-up scams, as Scamwatch has warned that one in three scam victims are targeted more than once.
Lastly, don't hesitate to seek support if you've been affected by a scam.
Financial counsellors like Lifeline offer services to help you cope with stress and potential financial fallout on 13 11 14.
IDCARE is another resource that can assist in reducing the harm caused by the compromise of your identity information.
Looking to stay informed on the latest scams? Check out our article featuring the top five scams to be wary of this year.
Do you frequently use QR codes? Let us know in the comments below!
.png){kind=icon}
You'd need another phone with a QR scanner to read it. 
