Emsisoft Blog: Are cybercriminals really using fake QR codes to steal your financial information?

Gandalf_The_Grey

Level 62
Thread author
Verified
Helper
Top poster
Content Creator
Well-known
Apr 24, 2016
5,113
In January 2022, the FBI issued a public service announcement warning people of a new trend: cybercriminals are allegedly taking advantage of Quick Response (QR) codes to redirect victims to malicious sites that can steal their credentials and financial information. Additionally, the FBI warned that QR codes may contain malware.

It sounds quite troubling at first glance, particularly with so many businesses now using QR codes to provide contactless services during the pandemic. Even Jen Easterly, the Director of the US Cybersecurity and Critical Infrastructure Agency, has a QR code on her business card – or so she perhaps jokingly claimed in a tweet.

But how concerned should you really be about QR codes as an attack vector?

In this blog post, we take a look at how fake QR code attacks work and whether it’s ever safe to scan them.
...
While QR codes may be low-risk, that doesn’t mean they’re no-risk and makes sense to keep this in mind. If you’re using a QR code to call up a restaurant’s menu or in the privacy of your own home to connect your TV to your Netflix account, you really don’t need to worry at all. Scan away! If, however, you’re using a QR code to launch a site into which you’ll be entering your personal or financial information, then it makes sense be a little bit cautious – especially if the QR code is in a public location and could have been tampered with. In such cases, it may make sense to manually launch the URL for the site you’re wanting to visit instead.
Read the full blog post here:
 

show-Zi

Level 34
Verified
Top poster
Well-known
Jan 28, 2018
2,358
□Forecast□
Under the slogan "QR codes are dangerous," security software with suspicious QR codes begins to circulate.:unsure::coffee:

you should keep in mind that there is a small risk and exercise caution when appropriate.(Excerpt from the Emisi blog)
I think that's the whole basis of security.:)
 

upnorth

Moderator
Verified
Staff member
Malware Hunter
Well-known
Jul 27, 2015
4,966
"QR codes are dangerous," security software with suspicious QR codes begins to circulate.:unsure::coffee:

you should keep in mind that there is a small risk and exercise caution when appropriate.(Excerpt from the Emisi blog)
I think that's the whole basis of security.:)
2022-03-22-11-37-21.jpg

Never use a QR app or built-in feature that automatic opens the link. The shared example here is a staff approved safe one. Enjoy! :p
 

show-Zi

Level 34
Verified
Top poster
Well-known
Jan 28, 2018
2,358
Never use a QR app or built-in feature that automatic opens the link. The shared example here is a staff approved safe one. Enjoy! :p
I checked various QR code specifications, but I thought that handling with a smartphone might be more dangerous than with a PC. The younger generation may undoubtedly be directed to dangerous sites.

Thanks for the Quick-Return music to the 1980s!
QR_950424.png
 
  • Like
Reactions: Gandalf_The_Grey