Surely on some occasion you have entered a link through a QR code From the phone. For example to see the menu in a restaurant, when you are seeing a tourist monument and it has this type of code to find more information, etc. It is very useful and they are becoming more widespread. Now, are they safe? In this article we talk about how they can steal money or passwords with them.
The FBI warns of the robbery with QR
An investigation carried out by the FBI puts users on alert by reporting that hackers are using more than ever QR codes to cheat. They are basically created maliciously and their goal is to steal personal data, passwords and even money from victims’ accounts.
How does deception work? The victim sees a QR code that appears to be secure, but is actually It has been modified to redirect them to a web page created by the attackers. That’s when the problem starts. That website may actually be Phishing or contain malware. If, for example, it is used to log into a bank account, in reality we would be sending that data to a server controlled by cybercriminals.
They warn that they are especially changing QR codes that are legitimately created to make payments. The victim enters the bank details and the information necessary for that transaction, but in reality what they obtain is the theft of personal data and the bank information they have entered.
The FBI indicates that QR codes are not dangerous in nature, since they simply serve to access a link and obtain more information about something, for example. But of course, it is something so simple to create that anyone could maliciously generate one for the sole purpose of scamming.
Tips for using QR safely
So, what can we do to use QR codes safely and not be scammed? The FBI has advised paying pay close attention to the url to which that QR code redirects. You have to check that the address is what it should be, with a reliable domain and be careful when putting personal data.
You also have to physically observe the QR itself. Has one been put on top of another? Do you see that they have taken off another one from the table or place where it is? All this can make us suspect that we are really dealing with a maliciously created code.
On the other hand, if you are going to download a file or make a payment, it is better to put the URL directly in the browser and not access through the QR. This can help you avoid malware or ending up on a Phishing site that has the sole purpose of stealing your banking and personal details.
In short, QR codes can be a security problem when making a payment in an establishment or simply accessing any type of information. It is necessary to have the devices protected, updated and use common sense so as not to fall into the trap.
