To put it quite frankly, QR codes are everywhere. They are given to newborns on hospital bracelets to help keep them safe and even placed on loved one’s graves, giving them new life after death. Whether you are trying to change the world or just decide what to order at this ‘new-fangled’ restaurant, you will certainly be running into many a QR code in the future.
With this rise in popularity, there comes an unfortunate dark side. Cybercriminals are exploiting this technology for nefarious purposes. Just like you or I, scammers can easily create fake QR codes that lead to information theft, ransomware, or malware.
It is crucial to exercise caution when scanning QR codes. This emerging scam highlights the potential dangers lurking behind those seemingly innocent squares.
The Resurgence
In its original design, QR codes were used by Toyota for tracking car parts during assembly. Since they have been experiencing a renaissance in recent years, they are now commonly used as a form of marketing today.
The allure lies in the convenient access to information these codes provide. One just simply needs to scan a code and you’ll be directly connected to targeted information for various industries.
Like with other cybersecurity trends, cybercriminals are quick to adapt. QR codes have become the new phishing scam. Exploiting the trust, we may have previously placed in them.
How the Scam Works
Using a fake or altered QR code, the scammer then places it over the legitimate one. Items like flyers, posters, stickers, or other tangible marketing materials.
Once someone has scanned the faked QR code, you may be directed to a phishing website. These sites are looking to collect various pieces of information. Such as credit card details, login credentials, or other personal information.
As well, scanning a faked QR code may prompt you to download a malicious app. One that contains malware that can do one or more of the following:
- Spy on your activity
- Access your copty/paste history
- Access your contacts
- Lock your device for ransom
Stay Vigilant: Tips for Safe QR Code Scanning
Verify the Source: Always be cautious when scanning QR codes from unknown sources. Try to verify its credibility to the best of your ability before entering personal information.
Use an App: Consider using a dedicated QR scanner app rather than the default camera on your device. Some third-party apps provide extra security features such as code analysis and website reputation checks.
Inspect the URL Before Clicking: Before visiting a website, take a moment to review the URL. Ensure that it matches the legitimate website the organization claims to represent.
Avoid Scanning Suspicious Codes: Trust your gut. If a QR code looks suspicious, refrain from scanning it. Sometimes scanners rely on a users’ curiosity, especially those in public places.
Update Your Device and Apps: Keep your operating system and applications up to date by regularly performing system maintenance.
Be Wary of Websites Accessed via QR code: never enter any personal information on a website you accessed through a QR code. Also, avoid making donations or tendering payment using QR codes.
Contact Vodigy about Phishing Resistant Security Solutions
QR codes can be both useful and fun, but they can also be dangerous if you are not careful. Scan away! But also, do so with caution and keep that curiosity at bay.
This scam falls under the umbrella of phishing. Phishing is one of the most dangerous modern risks for SMBs and individuals alike.
Need help protecting against phishing scams and training your employees to do so as well? Give Vodigy a call today!
