Quick Response codes, or QR codes as they're better know, seem to have popped up just about everywhere these days. Whether you’re in a hurry to pay for your coffee, hoping to check out the menu at your favorite restaurant or just wanting to open a long URL on your phone, the little square barcodes have got you covered. But how can you tell if the QR code you just scanned is a scam?
Most times you can’t, and that’s a bit worrisome. Apart from privacy issues, the FBI warns that cybercriminals have been tampering with QR codes to redirect people to malicious sites that steal login and financial information, download malware and redirect payments for cybercriminal use. How can they do that?
Pretty simple: because the human eye can’t distinguish one QR code from another, all they have to do is generate a dummy QR code and stick it over real one. When it comes to digitally generated QR codes, things get a little bit more complicated - hackers need to access the device that generates the QR code or to impersonate a trusted entity, but no effort is too big when you’re a criminal trying to scam your victims out of money, or bitcoin.
Case in point: Police officers in the Texan cities of Austin and San Antonio discovered bogus QR codes stuck onto public parking meters. The parking meters in both cities don't normally display QR codes, and only accept payment via coins, cards or a smartphone. However not everyone knows that and, if the webpage you’re directed to pretends to accept payment for the parking session, you’ll likely pay.
QR codes on their own are not malicious in nature, and there’s no reason to stop using them altogether. However, you should take certain precautions to protect yourself.
tags
Radu is a tech-geek with 15 years of experience in writing, journalism and copywriting. When he’s not writing he’s probably taking something apart, trying to figure out how things work.
View all postsNovember 14, 2024
September 06, 2024