Cybersecurity: Links to Malware sites in QR

  • Thread starter Thread starter Astronuc
  • Start date Start date
  • Tags Tags
    Links
Click For Summary
SUMMARY

The discussion highlights the cybersecurity risks associated with scanning QR codes, particularly those from unsolicited sources. The FBI warns that cybercriminals exploit QR codes to direct users to malicious websites, steal personal data, and embed malware on devices. Users are advised to exercise caution by avoiding unsolicited emails and verifying the legitimacy of QR codes before scanning. The conversation emphasizes the need for awareness among both consumers and business owners regarding the potential dangers of QR code technology.

PREREQUISITES
  • Understanding of QR code technology and its applications
  • Basic knowledge of cybersecurity principles
  • Familiarity with malware types and their impacts
  • Awareness of phishing tactics and social engineering
NEXT STEPS
  • Research best practices for safe QR code scanning
  • Learn about common types of malware and their prevention
  • Explore cybersecurity measures for businesses using QR codes
  • Investigate the role of the FBI in cybersecurity awareness and consumer protection
USEFUL FOR

This discussion is beneficial for consumers, business owners, cybersecurity professionals, and anyone interested in understanding the risks associated with QR codes and enhancing their online safety practices.

Astronuc
Staff Emeritus
Science Advisor
Gold Member
Messages
22,493
Reaction score
7,401
DON'T activate websites/links in QR codes, especially if from unsolicited parties.

If You Scanned That QR Code from the Super Bowl (Or Any QR Code), the FBI Has a Warning for You
QR codes are appearing everywhere--even in Super Bowl ads--but consumers and business owners should know that there are risks.

https://www.inc.com/jason-aten/if-y...ing-super-bowl-fbi-has-a-warning-for-you.html

QR codes are popping up everywhere as a way to direct customers to information without having to hand them a piece of paper or take a chance that they might mistype a URL.

There's a problem, however. Not every QR code is what it seems, and they've become a tool for bad actors. That's why the FBI is warning consumers to be aware any time they scan a QR code, and take steps to protect their information. While the FBI's warning isn't specifically in response to the Coinbase ad, there's an important lesson here--not just for consumers, but for business owners, as well.

The beauty of a QR code is that instead of asking someone to remember a website, you simply embed it in the code. When they scan the code, it takes them directly to whatever webpage you want.

As you might imagine, anytime a new technology makes it easier to get people to visit a website, or send money, someone is going to abuse it. That's exactly the warning that the FBI sent last month:
"Cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim's device, and redirecting payment for cybercriminal use."

Once Malware gets on a system, it can look for or record personal information, e.g., bank accounts and login information. If one uses online banking or electronic funds transfer, malware may 'steal' information.

So, protect oneself.

Other do nots:

Do not respond to unsolicited emails or messages.

Do not click on links in messages or emails.

Do ask oneself if you would expect a friend or contact to send any such request or information? Always, check with the person you think might have contacted you. Again, do not respond to unsolicited emails, or emails saying one's account has been compromised and personal information is needed.

Unless one knows the other party well, and is expecting an email, be wary, as in cautious, or suspicious.
 
Reply
  • Like
Likes   Reactions: Oldman too and StevieTNZ
Computer science news on Phys.org
Yes, it is easy to print out a malicious CR code and stick it on top of a legitimate code in a public place. Someone would have to go around scanning EVERY public QR code to see if it had been switched.
 
Reply
  • Informative
Likes   Reactions: Oldman too

Similar threads

Current and Future AI Threats to Humanity and the Human Response
  • · Replies 10 ·
Replies
10
Views
5K
Graduate BRS: PKI Cryptosystems for SA/Ms: A Tutorial
  • · Replies 13 ·
Replies
13
Views
4K
  • Sticky
Physics Forums Global Guidelines
  • · Replies 2 ·
Replies
2
Views
503K