HomesecurityQR codes: How do they make you vulnerable to cyber attacks?

QR codes: How do they make you vulnerable to cyber attacks?

Η The use of QR codes is increasing more and more, but so are cyber attacks: Phishing, malware, banking heists and many more can come from just one incorrect scan. This conclusion emerged after research carried out by Ivanti to 4.157 consumers in China, France, Germany, Japan, the United Kingdom and the United States.

In particular, the investigation found that 57% of respondents have increased their use of QR code since mid-March 2020, mainly due to the need for contactless transactions with his outburst COVID-19. In total, three quarters of respondents (77%) they said that had scanned QR codes before the pandemic, while 43% said they had scanned QR codes in the past week.

Read also: How to quickly create QR codes with Bing

QR (Quick Response) codes are a form of barcodes that started somewhere in the early 1990s in Japan, in the field of automotive industry. They became very popular due to their large storage capacity and readability. Nowadays we find QR codes in magazines, various publications, shop cards, buildings and even T-shirts.

QR codes
QR codes: How do they make you vulnerable to cyber attacks?

Ivanti reported the following: "At the beginning of the pandemic, restaurants used QR codes as a menu or payment option, but as the pandemic continued throughout 2020, consumers used QR codes more often for practical things like going to the doctor or getting a prescription. "Even in offices and workplaces, the use of QR codes has increased from 11% to 14%, which underscores the change in the way they were used during the pandemic."

In addition, the 83% respondents stated that used QR code for the first time in the last 12 months, to make a payment or complete a financial transaction. Of these, more than half (54%) used QR code for financial reasons only the last three months.

See also: How can you easily share your Wi-Fi with QR code?

The growing use of QR codes intensifies their interest hackers, who see a very good opportunity to realize cyber attacks, according to Ivanti. So, although 87% of respondents said they feel safe using a QR code to complete a financial transaction, in fact they would have to be more hesitant because of the potential threats.

Chris Goettl, Senior Product Management and Security at Ivanti, said: "In our latest survey, 31% of respondents claimed to have scanned a QR code that did something they did not expect or were redirected to a suspicious website. "This indicates a small increase compared to six months ago, when 25% of respondents claimed to have scanned a QR code with which the same thing happened to them."

QR codes cyber attacks?
QR codes: How do they make you vulnerable to cyber attacks?

Regarding how to carry out real-world attacks, Goettl noted that hackers are known to create stickers with malicious QR codes and paste them on legal QR codes, which allows them to track transactions and record payment information.

"This happened in parking lots and outdoor dining areas", Goettl pointed out.

In addition, hackers typically use QR codes for phishing and malware attacks, while malicious QR codes can direct users to sites appearing to be legal but in reality have been created to steal credentials, credit card data, corporate links and more. They may also take users to sites that automatically download malware to mobile devices. Both types of attacks typically target hacking accounts, corporate applications, and data that may exist on a device.

However, the most common form QRLjacking is when a legitimate QR code designed to facilitate cashless payments is replaced by a malicious QR code that exposes bank or financial account information when scanning. This malicious QR code could allow hackers to transfer money from bank accounts.

QR code
QR codes: How do they make you vulnerable to cyber attacks?

Proposal: NSW: QR codes are very effective for COVID-19 contact detection

The risks are even greater as the 49% of respondents in Ivanti research do not have mobile security software, but also what is observed general lack of awareness. For example, only the 37% knew that a QR code could download an application, while only one-fifth (22%) knew that a QR code could give the physical location. Moreover, only the 39% said they could recognize a malicious QR code.

Goettl explained that because of the pandemic, employees are using their mobile devices more than ever to access corporate data and services from any location. As the popularity and use of QR codes continues to grow, they will no doubt be increasingly exploited by hackers who aim to break into devices and steal personal or corporate data..

How can you prevent QR code cyberattacks?

  • To avoid falling victim to such an attack, you should first adopt one good basic safety "hygiene". For example, you should be careful with QR codes in public places that appear to be hastily pasted, as they may have replaced a legal QR code.
  • Do not scan a random QR code.
  • Be suspicious if, after scanning a QR code, a password or login information is required
  • Do not scan QR codes received in emails unless you are sure they are legal.
  • Do not scan a QR code if it is printed on a label and placed over another QR code. Ask a staff member first to verify his or her legality. The company could update the original QR code.
cyber attacks
QR codes: How do they make you vulnerable to cyber attacks?

Finally, Goettl emphasized the following: "There is little awareness of this issue. QR codes have become so commonplace that people are easy to scan. "The more dependent you are on QR codes, the more likely they are to succeed in malicious QR codes, as a means of installing malicious code, ransomware, or stealing contact or payment information from a mobile device."

Source of information:

Every accomplishment starts with the decision to try.