GCash has blocked over 4,900 merchant accounts suspected of using a tactic known as “quishing” to steal payments and user data.

Quishing, or QR phishing, involves fraudsters using manipulated QR codes to redirect consumers to malicious payment gateways.

The Bangko Sentral ng Pilipinas recently flagged the scheme as a growing threat in the digital payments sector.

GCash noted that fraudsters in the Philippines carry out these scams by embedding fake QR codes into posters and receipts.

Scanning these QR codes directs users to fake login pages that mimic official e-wallet or banking sites, potentially leading to unauthorised transfers or malware installation.

The company advised users to check for warning signs before authorising payments.

These include suspicious URLs that imitate official domains and payment pages that appear unfamiliar despite displaying official logos.

“Scammers are evolving alongside digital payments,” said Miguel Geronilla, Chief Information Security Officer, GCash. “We have zero tolerance for these actors and are actively blocking and reporting them to protect our users.”

The recent blocks are part of a broader collaboration with government agencies to disrupt online fraud.

In March this year, the company worked with the Cybercrime Investigation and Coordinating Center to block over 3,200 merchants linked to illicit activities.

Users are encouraged to report suspected fraudulent transactions through the official help centre within the app. Or they can contact the Philippine National Police Anti-Cybercrime Group.

Featured image by Freepik.