QR Code Scam: The New Cyber Trend

Have you recently participated in an online webinar, paid for products and services, or taken your family to a nice restaurant?

You might have been the victim of a new cyber trend. Since the pandemic, many establishments have implemented what is known to be quick response codes, or QR codes. These codes are convenient and easy to use, while also providing a more sanitary experience for the user.

Because of the pandemic, many businesses have implemented the use of QR Codes to provide customers with a touchless experience which includes customer payment methods. There have been various cases that have been reported where QR codes have been tampered with, resulting in the theft of personal and financial information.

Below are some common scenarios where the use of QR codes have be exploited:

• Scanning QR codes at restaurants to open a menu on your phone.
• Registering for a webinar using a QR code.
• Using a QR code to pay at a gas station or parking meter.
• Receiving a phishing email which includes a QR code.

When an individual scans a QR code, they can be sent to a malicious website or launch a payment app. These codes are not scanned for malicious activity by all email security platforms and filters. QR codes have created new opportunities for hackers, giving them the ability to tamper with QR codes to mislead victims and direct them to malicious websites while stealing their personal and financial information.

Here are some recommendations that will help prevent being the victim of a QR code scam:

• Treat QR codes as if they were a suspicious email message.
• When at restaurants, consider asking for a physical menu.
• If you are uncertain a QR code is legitimate, go directly to their business website or ask the employee for additional information.
• Pay attention to QR codes that may have been suspiciously placed.
• Apply inspection mechanisms that will scan the QR code before opening your browser or application.