Article Sidebar

Download
PDF
Statistic
Read Counter : 300 Download : 195

Main Article Content

Abstract

The object of research is the risk mitigation of Quishing (QR Phishing) in financial transactions using the Security Behavior Intentions Scale (SeBIS). The study focuses on how user behavior, financial security awareness, and technological adoption influence the ability to detect and mitigate Quishing threats. One of the most problematic areas is the growing vulnerability of digital payment users to fraudulent QR codes, which cybercriminals exploit to redirect users to malicious websites and steal sensitive financial information. Despite the rapid adoption of QR-based payments, primarily through Quick Response Indonesia Standard (QRIS) and e-wallets, there is a lack of comprehensive risk mitigation models that integrate user awareness, behavioral factors, and security technologies. The study used a quantitative approach with Structural Equation Modeling (SEM) to analyze the relationships between security behavior, user awareness, and Quishing risk mitigation. Data was collected from 100 respondents in Makassar, Indonesia, to evaluate their digital security practices and susceptibility to Quishing attacks. The results indicate that password management and user awareness significantly influence Quishing risk mitigation, whereas device security alone does not guarantee protection. The study confirms that digital financial resilience can be enhanced through targeted education, stronger authentication mechanisms, and AI-driven fraud detection. This is because the proposed integration of SeBIS-based behavioral assessment and security interventions addresses multiple vulnerabilities in digital transactions. This ensures that it is possible to improve the overall security of digital payments by enhancing user behavior and implementing proactive security measures. Compared to similar known models, this approach combines behavioral insights with technological solutions, leading to more effective mitigation strategies for financial cybersecurity risks.

Keywords

digital economy security behavior Quick Response Indonesia Standard (QRIS) Quishing QR Code

Article Details

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite
Singkeruang, A. W. T. F., Susanto, S. E. ., & Saeni, N. (2025). Mitigating the Risk of Qushing Threats (QR Phishing) using the Security Behavior Intentions Scale (SeBIS) in supporting digital economic security. Paradoks : Jurnal Ilmu Ekonomi, 8(2), 685–696. https://doi.org/10.57178/paradoks.v8i2.1196
Download Citation
Endnote/Zotero/Mendeley (RIS)
BibTeX

References

  1. Bonneau, Joseph & Herley, Cormac & Oorschot, Paul & Stajano, Frank. (2014). Passwords and the Evolution of Imperfect Authentication. Communications of the ACM. 58. 10.1145/2699390
  2. Cain Ashley A, Edwards Morgan E, Still Jeremiah D. (2018) An exploratory study of cyber hygiene behaviors and knowledge. Journal of Information Security and Applications. doi:10.1016/j.jisa.2018.08.002.
  3. Egelman, S., and Peer, E. (2015). Scaling the Security Wall: Developing a Security Behavior Intentions Scale (SeBIS). Paper presented at the Proceedings of the 33rd Annual ACM Conference on HumanFactors in Computing Systems, Seoul, Republic of Korea.
  4. Federal Bureau of Investigation. (2022). Cybercriminals Tampering with QR Codes to Steal Victim Funds. Available at: https://www.ic3.gov/Media/Y2022/PSA220118
  5. Filipo Sharevski, Amy Devine, Emma Pieroni, and Peter Jachim. (2022). Phishing with Malicious QR Codes. In 2022 European Symposium on Usable Security (EuroUSEC 2022), September 29–30, 2022, Karlsruhe, Germany. ACM, New York, NY, USA, 20 pages. https://doi.org/10.1145/3549015.3554172
  6. Godwin Awuah Amoah, Hayfron-Acquah J.B. (2022) QR Code Security: Mitigating the Issue of Quishing (QR Code Phishing). International Journal of Computer Applications. 184, 33 (Oct 2022), 34- 39. DOI=10.5120/ijca2022922425
  7. Harrison, Brynne & Harrison, Brynne & Ng, Yu. (2018). Suspicion, Cognition, and Automaticity Model of Phishing Susceptibility
  8. Jain, Anurag & Shanbhag, Devendra. (2012). Addressing Security and Privacy Risks in Mobile Applications. IT Professional. 14. 28-33. 10.1109/MITP.2012.72.
  9. M. S. Dr Duryadi, Metode penelitian : metode penelitian empiris, model path analysis dan analisis smart pls. Semarang: Yayasan Prima Agus teknik, STEKOM, 2021.
  10. Parsons, Kathryn & McCormac, Agata & Pattinson, Malcolm & Butavicius, Marcus & Jerram, Cate. (2013). Phishing for the Truth: A Scenario-Based Experiment of Users’ Behavioural Response to Emails. IFIP Advances in Information and Communication Technology. 405. 366-378. 10.1007/978-3-642- 39218-4_27.
  11. Rachelle Chouinard. (2021). New Quishing Campaign Shows How Threat Actors Innovate to Bypass Security. Available at: https://abnormalsecurity.com/blog/qrcode-campaign-bypass-security
  12. Ransbotham, Sam & Mitra, Sabyasachi & Ramsey, Jon. (2012). Are Markets for Vulnerabilities Effective?. MIS Quarterly. 36. 43-64. 10.2307/41410405
  13. Sawaya, Yukiko, Mahmood Sharif, Nicolas Christin, Ayumu Kubota, Akihiro Nakarai, and Akira Yamada. (2017). Self-confidence trumps knowledge: A cross-cultural study of security behavior. In Proceedings of the 2017 CHI conference on human factors in computing systems, pp. 2202–2214.
  14. Solic, Kresimir, Mateo Plesa, Tena Velki, and Kresimir Nenadic. (2019). Awareness about information security and privacy among healthcare employees. Medicinski fakultet Osijek.
  15. Tai-Wei Kan, Chin-Hung Teng, and Mike Y Chen. (2011). QR code based augmented reality applications. In Handbook of augmented reality. Springer, 339–354.
  16. Tersangka Penipuan QRIS di Kotak Amal Masjid Mantan Pegawai Bank (2023). CNN Indonesia. Available at: https://www.cnnindonesia.com/nasional/20230411154515-12-936323/tersangka-penipuan-qris-dikotak-amal-masjid-mantan-pegawai-bank
  17. Velki Tena, Romstein Ksenija. (2019) User risky behavior and security awareness through lifespan. International Journal of Electrical and Computer Engineering Systems. doi: 10.32985/ijeces.9.2.2
  18. Velki, Tena, Kresimir Solic, V. Gorjanac, and K. Nenadic. (2017). Empirical study on the risky behavior and security awareness among secondary school pupils-validation and preliminary results. In 2017 40th international convention on information and communication technology, electronics and microelectronics (MIPRO), 1280–1284. IEEE.
  19. Waspada! Penipuan Scan Barcode di Pintu Tol dengan Embel-Embel Gratis E-Toll Rp 500 Ribu (2023). Ardha Ihsan Asy'Ari. Available at: https://www.jawapos.com/nasional/012968990/waspada-penipuan-scan-barcode-di-pintu-tol-dengan-embel-embel-gratis-e-toll-rp-500-ribu
  20. http://www.raosoft.com/samplesize.html
  21. https://www.bps.go.id/id/publication/2023/02/28/18018f9896f09f03580a614b/statistik-indonesia-2023.html