FBI and Cybersecurity experts warn about QR Code scammers targeting the public. QR code scanners offer a convenient and speedy alternative to writing down personal details at events and venues. The tech is widely used across the world by governments and accelerated contact tracing efforts.
However, authorities in the US and Australia have warned the inevitable security problem
sprouting from requiring billions of people to scan complex codes multiple times per day has been laid bare. The FBI raised a warning last week about scammers altering the QR codes and using them to facilitate transactions and check-ins around the country amid the pandemic.
According to the FBI notice, “A victim scans what they think to be a legitimate code but the tampered code directs victims to a malicious site, which prompts them to enter login and financial information. Access to this victim information gives the cybercriminal the ability to potentially steal funds through victim accounts.”
The agency said it was tricky to trace back attacks to the source, and it cannot guarantee the recovery of lost funds after transfer”.
The Austin Police in a report said, “People attempting to pay for parking using those QR codes may have been directed to a fraudulent website and submitted payment to a fraudulent vendor.”
According to the Australian Competition and Consumer Commission(ACCC), the problem is not so widespread in Australia, though there have been two cases where malicious QR codes have been used and reported to the regulatory body since December 1, 2021.
ACCC told 7News, “Scamwatch has received two scam reports about QR codes, with a total loss of $120. One report involved redirecting users to another website for payment. Another report was related to cryptocurrency wallet phishing.”
Karim Hijazi, CEO of Prevailion, who specializes in cybersecurity breaches told Fox News, “The QR code will send the user of the device to a website that then asks for information like payment information or personal information that they then harvest and use for ill gains or nefarious purposes.”
He further added, “They are just nothing more than a way to link to a website. You see them on menus these days with Covid. You can’t even get a paper menu anymore these days, you have to use your phone to scan it.”
He feels it is tough to remove some malware from your phone, though you can take precautions to protect your devices if you think you have been led to a fraudulent or malicious site in the future.
Hijazi concluded by saying, “Change all of your passwords. Make sure that you go to logins that you use regularly, like banking logins, and turn on two-factor authentication.”