Telco giant PLDT has issued a warning advising consumers to think before they scan QR codes s scammers are now tampering with them to steal logins and financial information.
PLDT said investors should be wary against QR codes received from dubious entities on emails or messaging platforms.
‘Quishing’ makes use of a malicious QR code that when scanned, directs unsuspecting victims to a fake version of a legitimate website, and lures them into giving up sensitive information like login credentials.
“When victims enter their personal data on the fake website, the hackers will immediately capture them and use the information to take control of their various accounts including their digital wallets,” Angel Redoble, first vice president and chief information and security officer of PLDT and Smart said.
Businesses have turned to QR codes for contactless payments during the pandemic after the government urged merchants to shift to electronic payments.
Before clicking a link, check the destination first. If it seems dubious, best not to visit it, said PLDT.
PLDT has also warned against people asking for your PIN (personal identification number), security code or OTPs (one-time passwords).
To further protect customers, PLDT and Smart have blocked 203 URLs tied to text scams from June 10, 2022 to July 26, 2022.