What is quishing? Pubgoers warned over food and drinks scam ahead of Euro 2024 semi-finals

As England fans descend on the pub on Wednesday night for the Euro 2024 semi-final against the Netherlands, experts have warned revellers to be on guard against a scam.

Quishing is a bit of a mouthful to say but it is a fast-growing trap that is easy to fall for and can be potentially devastating for victims.

The phenomenon has already been catching out fans during the Euros amid scenes of beer flying in pubs as England have crept their way into the final four.

Here is all you need to know about quishing and what you can do to avoid being caught out.

What is quishing?

It is not a dreamed-up word, but a less inventive blend of ‘QR codes’ and ‘phishing’.

Attackers plant fake QR (quick response) codes or infiltrate existing ones under the tactic to then lead the victim to download harmful content.

“The goal of this attack is to steal sensitive information, such as passwords, financial data, or personally identifiable information (PII),” states Cloudflare.

The code can also be sent to the victim via an email or message.

Cloudflare’s statement adds: “Once this sensitive information is captured, attackers can exploit it for various malicious purposes, including identity theft, financial fraud, or ransomware.”

How to avoid being a victim of a ransomware attack

Many pubs use QR codes for customers to make orders and payments - a practice that became established during the pandemic.

While this has been a convenient means of ordering in some ways it does mean that a once harmless transaction does now come with an element of risk.

To avoid being caught out, if in doubt revert to the old-fashioned method of paying at the bar.

Make sure to check any unofficial-looking QR codes or login details with staff before ordering.

Do not give any personal information to a site if you are unsure.