Cyber crime continues to occur in line with technological developments. One of them is fraud through QR Code technology. One of them happened in Austin, Texas. On the parking meter found 30 dangerous QR code stickers. Instead of being taken to the city's official website or app, motorists who scan the sticker are directed to a fake site that collects their credit card information. Police do not know how many victims of the scam. The party also asked those who feel their credit card information was stolen by a fake website to contact them directly. Apart from Austin, San Antonio also suffered the same fate. Local officials also issued a warning after seeing a similar sticker linked to a fake payment site. Fraud stickers are a common choice for perpetrators because they take people from the physical world to the online, says cyber threat intelligence Brad Haas. He added that QR Code scams are also starting to appear in phishing emails and online advertisements.
"There's really no reason for someone to pull out their phone and scan the QR Code in an email they've already seen on their laptop," says Brad Haas.
He revealed that consumers should be suspicious of every email that contains a QR Code. Aaron Ansari, vice president of cloud security at antivirus firm Trend Micro, said hackers might like to use QR codes in phishing emails. Because it is often not detected by security software. That way it can open up opportunities to achieve the desired opportunities. Despite the low success rate, sending millions of phishing emails is much easier than placing physical stickers on parking meters and bus stops. The bottom line is that QR Codes are a way for cybersecurity actors to get what they want. This is also a threat to watch out for. To stay on the lookout for these types of scams, here are tips from the experts:
1. Think Before Scan
Be careful with codes posted in public places, is it a sticker or part of a bigger sign or display? If the code doesn't appear to match the background, request a paper copy of the document you're trying to access or type in the URL manually. When moving, pay attention to the website you are going to. If asking for login or banking information doesn't seem necessary, don't submit it.
2. Email Embedded Code Is A Bad Idea
Skip if there is a code in the email. The same applies to codes received in unsolicited junk email.
3. Preview Link Code
Many smartphone cameras, including iPhones with the latest iOS, will provide a preview of the URL code when scanned. If it looks strange you should not continue.
4. Use Password Manager
This system will keep you aware of the differences between phishing sites and will not auto-refill passwords.
Can the QR code be hacked?
If you ask whether the QR code can be hacked? So the answer is very unlikely for now. Because the QR code is a two-dimensional matrix in the form of a square with three black square points and one small one. Hacking the QR code means manipulating or changing the QR code so that it can be ascertained that currently the QR code cannot be hacked. Because the patterns that can be seen in the QR code will be very clearly visible if modifications have been made and the results will also be different. However, keep in mind that hackers can use QR codes to carry out hacking actions with the term Fake QR code or Fake QR code.
Fake QR code for Phishing
Phishing is a security issue that can involve a QR code, it is described as Qrishing. QR codes are generally scanned by smartphone cameras to visit websites. Currently, advertisements on websites use QR codes so that users can quickly scan QR codes to visit websites. This is what scammers use to deceive users. As previously mentioned, QR codes cannot be hacked yet, but hackers or scammers can try to change the QR code on the website first or create a fake poster that looks like the original advertisement and then place it in a public place. Ordinary users certainly do not understand the dangers of phishing, so some users do not realize that the website is fake. Because hackers or scammers will make the phishing web as close as possible to the original web appearance and another worrying thing is, the user never checks the complete url so that many ordinary users or unscrupulous users become victims of phishing and this has an impact on the theft of passwords and personal data. . If the user trusts the QR code, then they can become a victim of QRishing.
QR code for Malware Distribution
Malicious Software Distribution Scammers generally use malicious websites to distribute malware through drive by download techniques. Currently, most of the drive by download attacks are carried out on android users as targets. Drive by download is an attack that forces visitors to install software on the device they are using. Using a QR code is an effective method for hackers or scammers, because users will not be suspicious of the URL of the site. Users simply scan the QR code and then it will automatically open the web page and that's when the drive by download attack occurs.
Conclusion
Although QR codes are not new, their use is still very limited, but with the increasing use of smartphones, the use of QR codes will also increase. Now, various websites and apps allow users to use QR codes to log in or complete other tasks. However, there are still very few users who use QR codes and this is the reason for the lack of reporting on malicious QR codes.
You must be logged in to post a comment.