Be Careful When Scanning QR Codes – There’s a New Scam Going Around!

The QR Code Resurgence

QR codes were initially designed to track parts in the automotive industry. They have experienced a renaissance in recent years. As a result, they’re used as a form of
marketing today. They offer the convenience of instant access to information. You simply scan a code. They’ve become integral to various industries, including retail and hospitality. Unfortunately, cybercriminals are quick to adapt. A new phishing scam has emerged, exploiting our trust in QR codes.

How the Scam Works

The scammer prints out a fake QR code. They place it over a legitimate one. For example, they might stick it on a poster advertising a product discount or a movie. You scan the fake QR code, thinking it’s legitimate. The phony code may direct you to a phishing website. These sites may ask you to enter sensitive data, such as your credit card details, login credentials, or other personal information. Scanning the QR code may prompt you to download a malicious app. One that contains malware that can do one or more of the following:
 Spy on your activity
 Access your copy/paste history
 Access your contacts
 Lock your device until you pay a ransom

The code could also direct you to a payment page, which charges a fee for something supposedly free. Here are some tactics to watch out for.

Malicious Codes Concealed

Cybercriminals tamper with legitimate QR codes. They often add a fake QR code sticker over a real one. They embed malicious content or redirect users to fraudulent websites.

Fake Promotions and Contests

Scammers often use QR codes to lure users into fake promotions or contests. When users scan the code, it may direct them to a counterfeit website. The website may prompt them to provide personal information. This can lead to potential identity theft or financial fraud.

Malware Distribution

Some malicious QR codes start malware downloads onto the user's device. This can result in compromised security, including unauthorized access to personal data and potential damage to the device’s functionality.

Stay Vigilant: Tips for Safe QR Code Scanning

Verify the Source

Be cautious when scanning QR codes from unknown or untrusted sources. Verify the legitimacy of the code and its source, especially if it prompts you to enter personal information.

Use a QR Code Scanner App

Consider using a dedicated QR code scanner app. Use that rather than the default camera app on your device. Some third-party apps provide extra security features like code analysis and website reputation checks.

Inspect the URL Before Clicking

Before visiting a website prompted by a QR code, review the URL. Ensure it matches the legitimate website of the organization it claims to represent.

Avoid Scanning Suspicious Codes

Trust your instincts. If a QR code looks suspicious, refrain from scanning it. Scammers often rely on users' curiosity. Be careful when scanning QR codes that you see in public places. Don’t scan them if they look suspicious, damaged, or tampered with. Exercising caution is paramount.

Update Your Device and Apps

Keep your device’s operating system and QR code scanning apps current. Regular updates often include security patches that protect against known vulnerabilities.

Be Wary of Websites Accessed via QR Code

Don’t enter any personal information on a website that you accessed through a QR code. This includes your address, credit card details, login information, etc. Don’t pay any money or make any donations through a QR code. Only use trusted and secure payment methods.

Contact Us About Phishing Resistant Security Solutions

QR codes can be helpful and fun. But they can also be dangerous if you’re not careful. Always scan them with caution. Protect yourself from scammers who want to take
advantage of your curiosity. This scam falls under the umbrella of phishing. Phishing is one of the most dangerous modern risks for individuals and organizations. Let us know if you need help ensuring your devices are phishing-resistant. Contact us today to learn more.

Call: (414)238-2110

Email: [email protected] 


The article was used with permission from The Technology Press.

Share this resource: