QR Code Cybercrime Risk

Quick response (QR) codes are a convenient format for storing all kinds of information in a readable and secure way, at least when correctly implemented. QR technology isn’t new, and security features like two-factor authentication (2FA) or multi-factor authentication (MFA) often invite users to generate such codes to secure their access to mobile apps. And like other authentication technology, it’s also attracted the attention of hackers looking to exploit any weaknesses.

/ What is a QR Code?

According to BusinessInsider.com:

  • “QR codes are a type of barcode, or scannable pattern, that contain various forms of data, like website links, account information, phone numbers, or even coupons.
  • "QR codes are found everywhere from menus to social media to billboards but have picked up popularity during the pandemic for their contactless nature.

"To scan a QR code with your iPhone or Android, you'll want to use the QR code lens feature of your camera or download a QR code reader app.”

/ Why are QR codes not safe?

There have been several incidents involving the exploitation and misuse of QR codes. Various hackers and threat actors have used QR codes as an attack vector, including the American hacker Jester. They converted their Twitter profile into a QR code, coding it to search the scanner’s phone for activity over various extremist platforms. If any extremist activity was detected on the person’s phone, the code programmatically raised user privilege and stole information from their phone.

The threat actor combined social engineering and QR technology for a malicious purpose. Apart from that, there are several instances where threat actors have abused QR codes as an attack vector in other ways.

/ The most common security risks with QR codes
  1. Malware attacks

Cybercriminals might embed malicious URLs in publicly displayed QR codes so that anyone who scans them gets infected by malware. At times, merely visiting the website might trigger a silent malware download in the background. Apart from that, they might also send phishing emails containing QR codes that likewise infect the user’s device with malware when scanned.

The malware can then harm users in several different ways. It might open backdoors for more malware infections or silently steal the target’s information and send it to the cybercriminals. At times, these malware infections might even be ransomware attacks that hold your information hostage for ransom.

  2. Phishing attacks

QR codes are also used in phishing attacks, a problem known as QPhishing. A cybercriminal might replace a legitimate QR code with one that embeds a phishing website URL. The phishing website then prompts users to reveal personal information that criminals sell on the dark web. Apart from that, they might also coerce you into paying for materials, for their own financial gain.

These phishing websites differ only slightly from legitimate websites, which makes them seem authentic to the victim. They are primarily exact replicas of the original with minor differences; for example, the “.com” in the domain name may be replaced by something else, such as “ai” or “in.”

  3. Bugs in QR codes

At times the danger may not come from a threat actor working to exploit users, but from a mere bug within a QR code reader application. Hackers might use the bug to exploit cameras or sensors within phones or other devices. Threat actors might also exploit a bug or an issue within the legitimate URLs that the QR code links to.

The issue was that Heinz had not renewed their registration of the domain name. When the domain

  4. Financial theft

QR codes have long been an efficient way of carrying out transactions and paying bills. Their use has grown exponentially during the COVID-19 pandemic to promote “no-contact” communication and information exchange methods. QR codes are present at restaurants and even fuel stations for customers to pay. In such public places, any threat actor can swap a legitimate QR code with a fake one so that the transactions go into their bank account.

/ Tips For Safely Using QR Codes

Back in January, the FBI released this alert, “Cybercriminals Tampering with QR Codes to Steal Victim Funds,” which offers tips on how to protect yourself:

  • “Once you scan a QR code, check the URL to make sure it is the intended site and looks authentic. A malicious domain name may be similar to the intended URL but with typos or a misplaced letter.
  • "Practice caution when entering login, personal, or financial information from a site navigated to from a QR code.
  • "If scanning a physical QR code, ensure the code has not been tampered with, such as with a sticker placed on top of the original code.
  • "Do not download an app from a QR code. Use your phone's app store for a safer download.
  • "If you receive an email stating a payment failed from a company you recently made a purchase with and the company states you can only complete the payment through a QR code, call the company to verify. Locate the company's phone number through a trusted site rather than a number provided in the email.
  • "Do not download a QR code scanner app. This increases your risk of downloading malware onto your device. Most phones have a built-in scanner through the camera app.
  • "If you receive a QR code that you believe to be from someone you know, reach out to them through a known number or address to verify that the code is from them.
  • "Avoid making payments through a site navigated to from a QR code. Instead, manually enter a known and trusted URL to complete the payment.”
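
The FBI's first tip (check the URL after scanning) and the look-alike domains described under phishing attacks can be turned into an automated check on the decoded QR payload. The following is an added example, not part of the original article or the FBI alert; the expected-domain list, function names and sample URLs are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: domains a scanned code is expected to lead to (constructed values).
EXPECTED_DOMAINS = ("example.com", "pay.example.com")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot a typo or a misplaced letter."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_qr_url(payload: str, expected=EXPECTED_DOMAINS) -> list:
    """Return reasons to distrust a URL decoded from a QR code ([] = exact match)."""
    try:
        parts = urlsplit(payload.strip())
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return ["malformed URL"]
    if parts.scheme not in ("http", "https") or not host:
        return ["not a web URL"]
    findings = []
    if parts.scheme != "https":
        findings.append("not https")
    if parts.username is not None:
        findings.append("userinfo before '@' hides the real host")
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode label, possible look-alike characters")
    if host in expected:
        return findings
    findings.append("host not on the expected list")
    for good in expected:
        name = good.rpartition(".")[0]
        if host.rpartition(".")[0] == name:
            findings.append(f"same name as {good} but different TLD")
        elif good in host and not host.endswith("." + good):
            findings.append(f"{good} embedded in an unrelated host")
        elif edit_distance(host, good) <= 2:
            findings.append(f"within 2 edits of {good}")
    return findings

if __name__ == "__main__":
    # Constructed sample payloads, as a QR decoder would return them.
    for url in ("https://example.com/menu", "https://example.ai/menu",
                "https://exarnple.com/login", "https://example.com@evil.test/"):
        print(url, "->", check_qr_url(url) or "ok")
```

An empty result means the host matched the expected list exactly over HTTPS; any finding is a reason to type the known address by hand instead, as the alert advises.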
