Search

Security Advisory : What Are QR Codes and How Can You Stay Protected?

RGSA 09-16-24-01

Date : September 16, 2024

INTRODUCTION

A quick-response code (QR) is a type of barcode designed to store information in a way that digital devices can quickly read. Most modern smartphones come equipped with QR scanners, often integrated into the camera application, making scanning QR codes a breeze. The barcode is extremely versatile – it can be used as a shortcut to download applications, connect to wi-fi networks, open website links, and facilitate financial transactions. While QR codes serve many useful purposes, scammers have also found ways to exploit them.​

According to reports from the Better Business Bureau (BBB) and police departments across the country, scammers are using QR codes to trick people into visiting fake websites, fraudulent payment portals, or downloading harmful software. Often, these scams come through unsolicited messages or from QR codes posted in public places.

 

a person talking on the phone

HOW CAN I GET SCAMMED WTIH QR CODES?

Hackers can manipulate QR codes to conduct malicious activities. Here are a few examples:​

  1. Parking Meter Payments: Scammers have been placing fake QR codes on parking meters, making people think they can pay for parking through the code. These fake codes are easy to create and print. After using them, some victims return to find they’ve been fined or towed, increasing their financial losses.​
  2. Phishing Scams: Scammers use QR codes to lead people to phishing websites that ask for personal information, which can lead to identity theft. These codes can come via email, text, or on public flyers, often disguised as legitimate requests to verify your identity or account.​
  3. Fake Utility and Government Notices: Scammers often pose as utility companies or other government agencies, claiming there’s an unpaid bill that needs immediate attention. They ask for payment through a QR code, which takes victims to a convincing fake website. Business owners have also reported receiving letters with QR codes, asking them to complete fake filing requirements.​
  4. False Sense of Security: Scammers sometimes use real QR codes to make their schemes more convincing. For example, they might link to a legitimate website or fake employee profiles, using official logos and details to trick victims into trusting them.

RECOMMENDATIONS

By staying alert and verifying sources, you can protect yourself from falling victim to QR code scams. We recommend the following tips to avoid QR code scams:​

  1. Verify Before Scanning: If you receive a QR code from a friend or colleague, confirm with them that they actually meant to send it. Be cautious if the message feels out of character.​
  2. Be Cautious of Shortened URLs: When you hover your camera over a QR code, check the link that appears. If it’s a shortened URL, you won’t know where it leads, so proceed only if you’re confident the source is trustworthy.​
  3. Look for Tampering: Scammers might alter legitimate QR codes by placing stickers over them. Keep an eye out for signs of tampering, and ask the business to verify the code if you notice anything suspicious.

HOW RICHTER GUARDIAN CAN HELP YOU

  • Our mobile protection platform includes a tool that pre-scans URLs and QR codes for potential threats, whether they’re received through SMS, email, or accessed on social media. ​
  • Call us or send us an email at: +1 844-908-3950 and support@richterguardian.com if you need further guidance.