Illinois Comptroller Susana A. Mendoza is using Cybersecurity Awareness Month in October to alert the public about the growing risks of phishing, smishing, vishing, and quishing scams. As her office processes more than 11,000 checks daily, Mendoza emphasized that cybersecurity remains a critical part of state operations.
“These scams used to be easier to spot because of poor grammar and obviously bogus looking messages,” said Comptroller Mendoza. “But with the explosion of AI technology, it’s getting harder and harder to discern what’s legit and what’s fake.”
Phishing involves fraudulent emails designed to trick recipients into revealing personal information. According to the FBI, phishing attacks are now the most commonly reported cybercrime. The use of artificial intelligence has made these schemes more convincing by allowing scammers to personalize their messages.
Smishing is similar but uses text messages instead of email. This method is popular as people increasingly rely on texting for communication.
Vishing refers to voice-based phishing attacks conducted over phone calls or voicemails. The FBI notes that these often target older adults by impersonating relatives in distressing situations, such as claiming a grandchild needs money after an accident or arrest.
Quishing is a newer tactic where criminals use QR codes to direct victims to malicious websites. For example, scammers may place fake QR code stickers on parking meters or send packages containing QR codes that install malware when scanned.
To protect themselves, the public is advised not to share sensitive information unless they initiated contact and to be cautious with any message requesting personal data. Suspicious links should not be clicked, especially those related to overdue payments or shipping updates from unfamiliar sources. Email users are encouraged to verify sender addresses and report questionable emails at work using designated tools.
For quishing threats, individuals should double-check payment websites and avoid making payments outside trusted apps or without receiving confirmation.
“I urge everyone to be extra careful with any of these types of messages,” said Comptroller Mendoza. “Hackers and other cyber-scammers are constantly changing their tactics to get your personal data, so it’s important to remain vigilant.”
