The Federal Bureau of Investigation has cautioned device users about common criminal tactics.
The FBI has issued a warning to device users, cautioning that cybercriminals can tamper with QR codes in order to swipe a scanner’s information.
They aren’t telling consumers not to use the barcodes but are instead recommending that people take care.
QR codes have become extremely commonplace since the start of the pandemic. Businesses of all forms put them into use to help ensure that information that once would have been provided on printed materials would be available on a person’s phone in a contactless way instead. This was particularly true for menus in restaurants and other similar materials.
Now, the barcodes are used for everything from accessing a website without having to manually enter the URL, to downloading an application or sending a payment. They might have been mocked before the pandemic, but now they have become ubiquitous due to their contactless and convenient nature.
The FBI says cybercriminals are using fake QR codes to take advantage of these common barcodes.
Now that quick response barcodes are familiar and trusted, criminals are creating fake ones that will direct scanners to malicious sites that will embed malware, steal data, or redirect money directly to them.
Though the barcodes themselves aren’t dangerous, the FBI is reminding consumers that it’s important to take care to be sure the ones that are scanned wont’ cause any harm. That way, it will be easier to avoid becoming a victim. Among the recommended strategies for avoiding problems include:
- Checking the URL that appears upon scanning a barcode before telling the phone to access it. Make sure the website to which the barcode directs is where you actually want to go.
- Check to be sure that a sticker hasn’t been placed on top of an original barcode to be scanned and that other forms of tampering haven’t occurred.
- Don’t use physical QR codes for making payments. Instead, enter a trusted URL manually.
The FBI recommends consistently reviewing those strategies to avoid cyberfraud and to report any malicious or fraudulent barcodes consumers believe they have spotted.