At first glance, it looks like a regular scam. You receive a message, link, or QR code, and everything seems “normal.” But this isn’t a classic password request. This is a trick that makes you do the work yourself. You authorize something that looks legitimate. And in an instant, your coins are gone. Welcome, you have experienced quasi-phishing or quishing.
Article content: Quishing
The history of quishing – How scammers fleece you for money
This trick has a simple advantage for scammers. They don’t need to hack into any servers. They don’t have to break any security. All they have to do is create a sense of trust. Get you to give permission for the transfer yourself. In practice, they send you an attractive “claim” — a reward, refund, or airdrop. They tell you, “Connect your crypto wallet, it’s safe.” You do it, and from there, everything usually goes downhill fast.
At first, it was mainly prevalent in Asia. That’s where it started. People there were caught by QR codes and WhatsApp links as early as 2023–2024. Then it quickly spread further. In the Czech Republic, larger waves began in the spring of 2024, and by 2025, the police were dealing with it on a regular basis.
You may be interested in: Beware of AI scams!
Smarter fish, smarter phishing
Attackers don’t just win with technology. They win with language and “look.” The texts are localized. They look Czech, not like a bad translation. The images and logos are credible. Sometimes they are even professionally photographed. So when someone sends you a link, it looks like it was sent by a familiar place or service. That’s targeted.
The social component also plays a role. The campaign does not run through just one channel. There are advertisements, fake videos, Telegram groups, even “influencers” — sometimes staged. All of this together creates the illusion that it is verified. And those who see the “proof” over and over again begin to believe it. That’s exactly when the red light for rationality and the green light for trust come on.
Global and local quishing — The many faces of quasi-phishing fraud
The technique? We don’t need to delve too deeply into it. The main thing is that it forces you to “connect” or “approve.” It’s not that someone stole your password. It’s that you approved it. That’s why it’s so treacherous. It looks official and goes through the usual wallet tools.
It’s remarkable how quickly they localize it. When targeting Czechs, the site speaks Czech. When targeting Germans, it speaks German. Organized call centers are excellent at this. They have translators. They have marketing. And they have step-by-step instructions on how to lead the victim. In practice, this means that even more experienced users can fall victim, because the whole scenario is “tailor-made.”
More from our editorial team: FX Junction review
In the Czech Republic, the police are already warning people – but investigations are not always easy
In the Czech Republic, it usually looks like this: you receive a message about a refund or an “exclusive” airdrop of a cryptocurrency. Someone then guides you through the steps. Someone calls and guides you through WhatsApp. Someone convinces you to install an app or click on a link. And when you connect, a transaction takes place that you yourself have confirmed. That moment is the turning point. After that, it is practically impossible to get your money back.
Investigation? That’s a long haul. The problem for the police and forensic experts is that the block is not “broken” — everything was done legally from a technical point of view. Analysts therefore focus on the infrastructure. They monitor domains, hosting, DNS redirection, and short-term servers. They take screenshots of websites. They collect logs. They look for common elements between different attacks. This often leads to the discovery of the network.
Read more: Trust Wallet review
Quishing — How to defend yourself?
Practically speaking, for the average person: never click without thinking. If someone offers you “assistance” or “help” via an unknown link, call the official service number. Do not install applications that are recommended via an unknown link. Do not connect your crypto wallet to anything you did not initiate yourself. These are simple steps, but they catch many attacks.
What about companies and platforms? Prevention and rapid response are essential here. Companies should monitor the lifetime of domains and redirects. Exchanges and big players should warn customers clearly and frequently. The police must have channels for quick requests for logs from hosting providers and CDNs. When all of this comes together, the chances of recovering the money increase.
Ultimately, there is also a psychological aspect to this. The scam does not attack the technology. It attacks trust in the technology. It exploits the fact that most people already trust blockchain. And it capitalizes on that trust. It’s a bit like manipulation in a cult. They slowly show you that “this is safe” until one day you simply do what they want. It’s hard to defend against this if you’re not on guard.
