The FBI recently released a new warning related to an increase of malicious QR code development and exploitation by cybercriminals, here’s what you need to know:
QR Codes are not a novelty; nonetheless, as our world has continued to take a digital path especially amid the pandemic, QR codes have become part of our everyday lives. Walking into many restaurants today, we’ve become accustomed to having our camera ready upon sitting down to scan and gain access to menu and other information; which has now opened up another great opportunity for cybercriminals to exploit. The FBI recently warned of fake QR codes being developed by cybercriminals which are used to re-direct users to malicious sites, then prompting the user to enter login or personal information. Some of these also being used with the purpose of enabling the download of malicious malware, hence granting cybercriminals access to a user’s mobile device without them even knowing it.
Some tips provided by the FB to avoid falling victim to one of these QR code scams include:
- Always verify before you scan: the source, location and if possible, it’s a good idea to physically check to ensure that you don’t see any obvious signs of QR code temperament prior to scanning such as looking over to ensure a sticker hasn’t been slapped over the original code.
- Verify the URL of any site pulled up by the QR code PRIOR to clicking “ok”. Malicious domain names may be similar to the legitimate URL; however, may have typos or misplaced letters, etc.
- Be very cautious of a QR code re-directing you to the downloading of any application directly versus taking you to the app store.
- DO NOT download a QR code scanning app as this increases your risk of malware onto your device. Most phones have a built-in scanner within your camera app.
- Prevent making payments using any site accessed by a QR code.
- Whenever possible, use the direct company or store URL versus a QR code.
- Install security software on your mobile devices.