FTC Issues Warning About Cybercriminals Using Malicious QR Codes

Officials from the US Federal Trade Commission (FTC) have cautioned people to be careful while scanning QR codes. The warning comes in the wake of a rising number of scams and other cyberattacks utilizing the popular technology.

There has been a sharp increase in the widespread use of QR codes in recent years, with about 36% of smartphone users scanning them at least once a week.

According to the FTC, cyber attackers are taking advantage of the trend to conduct cyber-attacks and steal information by using malicious QR codes.

How QR Codes Have Become a New Weapon for Cybercriminals

Offering a convenient way to access different websites and services, QR codes are growing increasingly popular. The usage of the technology particularly grew during the pandemic, when QR codes were used for a myriad range of purposes like directing people to online menus while avoiding physical contact.

About 50% of smartphone users agree that using QR codes has made their lives easier, with a majority of them hoping that the future will see them being used more widely.

This, together with the hassle-free experience offered by QR codes, fuelled their widespread adoption.

However, it's the usefulness and the growing popularity of QR codes that make them such an appealing addition to the arsenal of cybercriminals. The very technology that allows people to conveniently access different links is now being abused to direct unsuspecting victims to malicious websites.

Martin Smith, founder of the Security Awareness Special Interest Group (SASIG), explained that cybercriminals are now using QR codes in phishing attacks - a new practice known as Quishing. This can subject victims to a variety of cyber-attacks, including the theft of personal and sensitive information.

There have recently been numerous incidents of cybercriminals using malicious QR codes to deceive people into sharing information, downloading malware, or even making voluntary payments. For instance, fake QR codes were placed on parking meters in Texas to trick motorists into paying the cybercriminals instead of the authorities.

In Atlanta, there were alarming reports of fake parking tickets being slapped on the windshields of vehicles, with a QR code that the motorists can use to pay the supposed fine'. While actual parking tickets don't come with QR codes, not everyone is aware of it.

However, the surge in cyber-attacks utilizing QR codes doesn't really come as a surprise considering cybercriminals are known to be extremely adaptable. Taking notice of the fast growth in the popularity of QR codes, they were quick to start making use of it in every way possible.

FTC Guidelines on Staying Safe

In addition to warning people about the threat posed by malicious QR codes, the FTC also released guidelines on how people can protect themselves from such scams and cyberattacks. The commission urged users to verify any QR code found in unexpected places.

Pointing out that criminals often use spoofed websites with a URL very similar to that of the website being duplicated, the FTC has reminded people to double-check the destination upon scanning a QR code.

Users should also refrain from scanning any QR codes sent via unexpected texts or emails, especially if it urges you to act immediately", the commission cautioned.

If a seemingly important message looks like it might actually be illegitimate, it's best to contact the respective company or organization to verify. The FTC also advised people to follow security practices like using strong passwords and updating their devices to the latest operating system.

The post FTC Issues Warning About Cybercriminals Using Malicious QR Codes appeared first on The Tech Report.