The growing use of QR codes - those funny looking square bar codes showing up everywhere - makes mobile transactions more efficient. It also presents a growing cyberthreat.
I guess I’m not surprised. Sadly, cybercriminals gravitate to highly successful and useful tech tools to perpetrate their crimes. Our growing use of QR codes makes them an ideal tool to exploit our trust in them.
In the Government Technology article Combatting the Growing Cyberthreat of QR Code Abuse, author Dan Lohrmann smartly lays out the looming threat of how malicious QR Codes can infiltrate mobile devices and wreak havoc in a variety of ways. What’s particularly insidious about this is how easy it is to create and distribute a malicious QR Code.
In his article, Dan quotes an India Tech Online report that explains “victims scan fraudulent QRs and find themselves taken to malicious websites where they are asked to provide login, personal info, usernames and passwords, and payment information, which criminals then steal. The sites could also be used to simply download malicious programs onto a user’s device.” Same old phishing scheme, different approach.
What Can Be Done?
Like any other link or request for information – especially if unsolicited – think before you click (or scan). Always verify the legitimacy of a QR Code before using it.