The Campaign against Revenge Porn that also Highlights the Risks of Quishing!
An awkward girl who, at the request of a male voice, begins to undress.
It could be our daughter or our sister or a dear friend. Her discomfort is palpable and it’s the same as that of the person watching her who, driven by an uncontrollable morbid curiosity, doesn’t stop. But suddenly the image changes and a young man appears, waking the viewer from the hypnosis they’ve fallen into by shouting:
“did you really think you’d see her naked? If you’re watching, you’re an accomplice!”
This is the new campaign created by a group of students from IED in Rome against revenge porn, the crime that involves publishing intimate images online without the victim’s consent.
The campaign uses posters attached to the streets of the capital where phrases like: “everyone look at that bitch of my ex naked!” can be read with a QR code that, tickling the most perverse curiosities, invites to be framed and to enter the intimacy of an unknown couple.
At that point, those who do it realize after a few seconds that they have been victims of a Quishing attack, which is phishing via QR Code. They don’t suffer any data theft but “only” a harsh reprimand for a reprehensible action, but the substance doesn’t change: they fell into the trap and were led, by fake cybercriminals and their own curiosity, where they would never have chosen to go.
Quishing, a Variant of Phishing
In classic phishing, scammers send deceptive links via email or text messages, trying to convince victims to click on dangerous websites to steal sensitive information such as banking data, login credentials, or other personal information.
In Quishing, however, the attack occurs through a QR code, a tool that has become almost indispensable for many everyday life operations and a new fertile ground for cybercriminals.
According to Cisco Talos, in fact, about 60% of emails containing QR codes are spam, often aimed at phishing or stealing credentials used for “multi-factor authentication (MFA). Although created to simplify” access to information, quickly transporting users to promotional sites, discount codes or informative pages, these codes can be used as vectors for very insidious attacks.
The scam, in fact, works more or less like this: by unknowingly scanning some QR codes prepared ad hoc by cybercriminals, you are directed to dangerous web pages. In other cases, malware is directly installed on the device that compromises its correct functioning or steals the data stored on that device. And all this without the victim even realizing it, if not after some time, when it’s already too late.
A very effective idea, therefore, that of IED to use Quishing for such a campaign that contains a double message “even if you’re just a voyeur, you’re an accomplice” and “it was enough to tickle your curiosity to be hacked“.
The warning is therefore to always be very careful about what you do online, to never be superficial, to not click or frame carelessly following an “emotion or instinct, but to always be aware of both the” ethics and the consequences of your actions on the web.
In Italy, revenge porn is a dangerously growing phenomenon.
Since it was introduced as a crime in the penal code in 2019, 4821 cases have been registered, with 69% of victims being women. According to the latest available data on revenge porn complaints, collected by Eurispes, in 2023 in Italy 964 cases were registered, with an increase of 1% compared to 2022.
This is a phenomenon often motivated by revenge, for example against ex-partners, but it can also be carried out to blackmail, denigrate, or harass the person depicted. It is undoubtedly an exercise of power over another’s private life that can have serious psychological, social, and material consequences for those who suffer it. So much so that, according to the Indifesa Observatory, conducted by Terre des Hommes and Scomodo, on a sample of over 2,700 young people under 26, it represents the most feared online risk (58%).
The Fault is Never just Others’
The campaign “You are complicit” thus reminds us of a fundamental truth: we are the first responsible for our actions in the digital world. It’s always easy to shift responsibility onto others, but what are we doing to defend ourselves and our loved ones from an increasingly invasive and aggressive web?
It’s true, cyber criminals are constantly looking for new ways to access our information and devices, but above all, they are hunting for vulnerabilities generated primarily by human errors. Distractions, haste, nervousness, uncontrolled curiosity, and poor knowledge of the digital world are their nourishment.
To starve them and prevent them from causing damage, the only way is the correct digital posture that is built only through a serious path of knowledge and training, which offers constantly updated content on the latest news regarding risks and security, and which provides continuous exercises adapted to one’s level of preparation.
Because online, as in real life, the road to a better world is paved with good intentions but also with solid security practices.