Scams Exploiting Trust: Quishing & Pig Butchering

Show Notes

Trust is essential in our daily lives—but it's also what scammers exploit most. In this episode of SipCyber, Jen Lotze visits Central Park Coffee in Owatonna, MN, to discuss two evolving scams that prey on human trust: quishing (QR code fraud) and pig butchering (romance investment scams). From fake QR codes on restaurant tables to elaborate romance frauds that drain life savings, these threats are becoming more sophisticated and harder to detect. 

Jen breaks down how these scams work, shares real-world examples, and delivers practical defense strategies you can implement immediately. Whether you're scanning a menu or chatting with someone online, this episode equips you with the knowledge to recognize manipulation tactics before it's too late. 

What You'll Learn: 

• How "quishing" works and why QR codes are the new phishing vector 
• The disturbing mechanics of pig butchering romance scams 
• Specific red flags to watch for in both physical and digital spaces 
• Practical verification steps before clicking, calling, or sending money 
• Why urgency + money requests = major warning signs 

Don't become the next victim. Subscribe for weekly cybersecurity tips delivered from coffee shops across the country, and share this with someone who needs to hear it. 

#Cybersecurity #QRCodeScams #RomanceFraud #Quishing #PigButchering #ScamAwareness #InfoSec #CyberSafety #SipCyber 

Transcript

Jen Lotze 0:04

Hey Thare Coffee lovers and internet explorers, welcome back to Subcyber. Last time we talked about scams that show up on your phone, smishing and vishing. Today we're continuing our cybersecurity quest and stopping in Owatana, Minnesota at a gem I discovered while adventuring for my job at Central Park Coffee. I loved it so much that I had to come back. I walked in and the smell of coffee and waffles was incredible. When you're at a great local spot like Central Park Coffee, you trust the environment. You trust the chairs, you trust the barista, and you trust the menu. This basic human trust in our physical world is essential to getting through the day. But that trust is exactly what scammers exploit when they move from email and phone calls to more creative territory. This brings us to a few more creative scams that are making a big comeback. First, there's quishing. I'll tell you that I often think like a scammer, not because I want to scam a person, but to think through what someone should do in the event that this happens. During COVID, I thought it would be really easy to go to a restaurant and change the QR code on each table to send customers to a malicious website. I share this because it is a scam that can be so easy to fall victim to. This is what quishing is: a criminal putting a fake QR code on a table that looks like a menu or payment link. You scan it, but it actually takes you to Umbop on YouTube, playing in a cyclical loop. I mean, who doesn't love Hansen? Finally, there is devastating financial fraud that we have to discuss. The scam known as pig butchering. The name is terrible and crude, but the scam itself is worse because it plays directly on loneliness and trust. This is a long-term fraud where criminals meticulously build a relationship with the victim before stealing everything. This long-term scam often starts with a wrong number text or a message on a dating app. The scammer spends weeks or months building an emotional bond with the victim. They'll be a good listener, feign romantic interest, and talk about a future together. This is the grooming stage where they earn your complete trust, then they'll introduce a fake investment opportunity or they'll reveal a manufactured emergency that requires urgent money because their accounts are locked up for some reason. The scammer encourages you to invest or transfer more and more, and once you've given them all you have, they disappear. Today's cybersecurity tip is to focus on your defenses. The single most important defense for all these scams is always the same. Always pause and then verify before you click, call, or send any money. Now, let's talk about the specific countermeasures for each scam. To combat quishing, this is all about being cautious in the physical world. Before you scan any QR code, give it a quick once over. Is it a sticker placed over an original code? Does it look out of place? If you're scanning a code for a menu or payment, verify the web address that pops up on your phone before you click. Does it match the name of the business? If you're unsure, ask a staff member for a printed menu like us old people do instead. To combat pig butchering, or those awful relationship scams, the best defense here is skepticism regarding money and urgency and romantic relationships. Be cautious of strangers online, especially if they try to move the conversation to an encrypted messaging app like WhatsApp, or immediately start talking about large financial matters, whether it's unbelievable investment or an urgent personnel matter, no matter how legitimate the love interest might feel, if they ask you to invest money on a platform they recommend. It's important to remember, if it sounds too good to be true, it almost always is. This approach gives you a clear and powerful defense strategy. You're not just passively waiting for the next scam, you're empowered with the knowledge to actively protect yourself. That's all for today's episode, Sip Cyber. Thank you for joining me on this trip to Central Park Coffee and for taking a small sip to secure your digital life. We'll be back next week with another great small business and a new tip. Until then, stay safe and keep sipping.