During the Pandemic, the world witnessed a re-introduction of QR codes, which is a URL-imbedded barcode. Businesses were searching for a hygienic way to complete purchases or make the process of ordering food quicker and easier for everyone. QR codes were a cost-effective option that many businesses adopted.
How QR codes work
Simply stated, using their mobile device a person can scan a QR barcode and through that code are taken to a webpage designated by the business. For example, this tool was largely adopted by the restaurant industry during the height of Covid-19 for guests to view a menu and pay a bill at the end of the night. However, its rise in popularity also made it a target. Hackers and scammers began to utilize QR codes to steal personal information or, worse yet, to install malware on a person’s mobile device.
How Can Hackers Steal Your Information Through a QR Code?
Some QR codes allow you to inspect the URL before your phone launches the designated webpage, but let’s be honest – if we’re in a hurry or distracted enough to consider using a QR code, we’re likely not paying attention to the URL we’re being directed to. And, that’s not good.
Scammers count on that distraction and hope we are not double-checking these links. They’ve been known to place a fake QR code sticker over a legitimate QR code in restaurants, gas pumps, and any other place where a QR code is made available to the public. The fake code is responsible for redirecting the victim to a different payment platform where collection of a credit card number is now easier. Or, the fake QR code could redirect a victim to a different webpage which hosts malware.
How Can You Protect Yourself Against QR Hackers?
Here are some simple ways you can protect yourself and your family from becoming a victim of a QR code scam.
Be Cautious
Treat any QR code like a link in an unknown email and don’t scan it if you’re uncertain. First, consider the context of the QR code - is it on a sign in a secured area where no one could have tampered with it, or is it part of a professionally branded sticker? If yes, it’s likely more secure to use but not guaranteed. If the code itself shows sign of tampering, is exposed where someone with malicious intent could have accessed it, or if something seems a little out place, you may want to resist the chance of scanning it.
Type the Link into Your Browser
If you can, type the URL into your browser directly instead of scanning the code, especially when payments are involved. This way you can rest assured knowing you are going to the safe and secure webpage set up by the business for this purpose.
Use a QR Code Scanner App
Utilizing an app that is designed to scan QR codes will help safeguard you against attacks. These apps will allow you to inspect the QR code before it is passed to your browser or to your phone. Some quick Google searches will produce anti-virus companies with free scanner apps you can download directly to your phone. Free doesn’t always mean better, so, again, pay attention to those URLs as well.
Download Apps Directly
QR codes can be used to download apps, but remember this is also a tactic used by scammers and hackers to download malware onto your phone. The safest approach would be to download an app directly from the app store to ensure that malware does not get installed onto your mobile device.
Your Personal Information is Worth Defending
We know that being on constant alert and guarding your personal information and hard-earned money can be overwhelming, but being aware of these extra steps is well worth it. Blackhawk Bank emphasizes cybersecurity with every customer who walks through our doors, and we want to help educate you on the latest threats and trends to keep yourself as safe as possible.
If you want to learn more about Blackhawk Bank and how we can help you, contact us today.
Author:
Brian Mertens
VP Technology