Cybersecurity: Links to Malware sites in QR

  • Thread starter Astronuc
  • Start date
  • Tags
    Links
In summary: It's just not practical.Yes, cybercriminals are using QR codes to direct people to malicious sites to steal victim data. malware can be installed on a system if someone clicks on a link in a QR code. ALWAYS remember to ask yourself if the person you think might have contacted you would be the type to do so.Be especially cautious if you received an email or message that you didn't send or expect. Always, check with the person you think might have contacted you. Do not respond to unsolicited emails, or emails saying one's account has been compromised and personal information is needed. Unless you know the other party well, and are expecting an email, be wary, as in cautious, or suspicious.
  • #1
Astronuc
Staff Emeritus
Science Advisor
2023 Award
22,195
6,877
DON'T activate websites/links in QR codes, especially if from unsolicited parties.

If You Scanned That QR Code from the Super Bowl (Or Any QR Code), the FBI Has a Warning for You
QR codes are appearing everywhere--even in Super Bowl ads--but consumers and business owners should know that there are risks.

https://www.inc.com/jason-aten/if-y...ing-super-bowl-fbi-has-a-warning-for-you.html

QR codes are popping up everywhere as a way to direct customers to information without having to hand them a piece of paper or take a chance that they might mistype a URL.

There's a problem, however. Not every QR code is what it seems, and they've become a tool for bad actors. That's why the FBI is warning consumers to be aware any time they scan a QR code, and take steps to protect their information. While the FBI's warning isn't specifically in response to the Coinbase ad, there's an important lesson here--not just for consumers, but for business owners, as well.

The beauty of a QR code is that instead of asking someone to remember a website, you simply embed it in the code. When they scan the code, it takes them directly to whatever webpage you want.

As you might imagine, anytime a new technology makes it easier to get people to visit a website, or send money, someone is going to abuse it. That's exactly the warning that the FBI sent last month:
"Cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim's device, and redirecting payment for cybercriminal use."

Once Malware gets on a system, it can look for or record personal information, e.g., bank accounts and login information. If one uses online banking or electronic funds transfer, malware may 'steal' information.

So, protect oneself.

Other do nots:

Do not respond to unsolicited emails or messages.

Do not click on links in messages or emails.

Do ask oneself if you would expect a friend or contact to send any such request or information? Always, check with the person you think might have contacted you. Again, do not respond to unsolicited emails, or emails saying one's account has been compromised and personal information is needed.

Unless one knows the other party well, and is expecting an email, be wary, as in cautious, or suspicious.
 
  • Like
Likes Oldman too and StevieTNZ
Computer science news on Phys.org
  • #2
Yes, it is easy to print out a malicious CR code and stick it on top of a legitimate code in a public place. Someone would have to go around scanning EVERY public QR code to see if it had been switched.
 
  • Informative
Likes Oldman too

FAQ: Cybersecurity: Links to Malware sites in QR

What is meant by "links to malware sites in QR"?

The term "links to malware sites in QR" refers to the use of Quick Response (QR) codes, which are small square barcodes that can be scanned with a smartphone camera, to direct users to websites that contain malicious software (malware). These codes are often disguised as legitimate links, but when scanned, they can lead to the download of malware onto a user's device.

How can QR codes be used to spread malware?

QR codes can be easily generated and can contain a variety of information, including website URLs. Cybercriminals can create QR codes that appear to be legitimate, but actually redirect users to malicious websites. Additionally, QR codes can be printed on physical objects and placed in public spaces, making it easy for unsuspecting individuals to scan them and unknowingly download malware.

What are some examples of QR code-based malware?

One example of QR code-based malware is the "QR code generator" scam, where users are prompted to download a fake QR code generating app that contains malware. Another example is the use of QR codes in phishing attacks, where users are directed to fake websites that steal their personal information.

How can I protect myself from QR code-based malware?

To protect yourself from QR code-based malware, it is important to be cautious when scanning codes from unknown sources. Only scan QR codes from trusted sources, such as reputable companies or organizations. Additionally, consider using a QR code scanner app that includes built-in security features, such as automatically scanning for malicious links.

What can be done to prevent the spread of malware through QR codes?

To prevent the spread of malware through QR codes, companies can implement security measures such as scanning QR codes before they are published and monitoring for suspicious activity. Users can also report any suspicious QR codes they encounter. Additionally, educating the public about the dangers of scanning QR codes from unknown sources can also help prevent the spread of malware.

Similar threads

Replies
0
Views
96K
Replies
13
Views
3K
  • Sticky
Replies
2
Views
497K
Back
Top