Lately, there has been a significant rise in QR code phishing attacks. These attacks take advantage of how common QR codes are and how comfortable people have become with using them. Hackers use these codes to trick people into visiting fake websites that steal their login information.
So far in 2024, these attacks have gone up by 22% compared to the end of 2023. Nearly 90% of these attacks aim to steal usernames and passwords, according to Abnormal Security. Hackers place these dangerous QR codes in emails, documents, and public places (even pay for parking machines!), making it hard to tell where they will take you.
One recent attack involved fake Microsoft Word documents pretending to be from Chinese government agencies. These documents contained QR codes that, when scanned, asked users to log in to get fake financial aid. This scam was similar to an incident from January 2023 that Fortinet reported on.
When victims scan the QR code, they are sent to a website created by the hackers. This website looks like it belongs to China’s Ministry of Human Resources. The site’s address comes from a domain generation algorithm (DGA), which helps the hackers create many different web addresses quickly.
The hackers use an IP address, 20.2.161.134, to host several fake websites linked to this large phishing campaign, according to a Cyber report. These websites pretend to offer labour subsidies, but their real goal is to steal personal information like names and national IDs.
Once victims enter their information, the fake site then asks for bank card numbers, phone numbers, and account balances for “verification” purposes. With this information, the hackers can make unauthorised transactions. They also ask for withdrawal passwords used for credit card payments, which can lead to even more financial losses.
In summary, this sophisticated QR code phishing scam uses trusted technology to steal financial information. It’s a growing threat that requires everyone to be more vigilant.
Recommendations
Here are some tips to protect yourself from QR code phishing attacks:
- Scan QR codes only from trusted sources. Be wary of codes that offer incentives or come from unknown sources.
- Check the URL carefully. After scanning a QR code, make sure the web address looks legitimate and starts with “HTTPS”.
- Use anti-virus and anti-phishing software. Install reputable security software on your devices.
- Stay informed about phishing techniques. Educate yourself and others about the risks of QR codes.
- Enable two-factor authentication (2FA). Adding an extra layer of security can help protect your accounts.
- Keep your software updated. Make sure your devices have the latest security patches.
- Use QR scanner apps with security features. Some apps can check the URLs of scanned QR codes against a database of known malicious sites.
- Regularly review your bank and card statements. Report any unauthorised transactions immediately.
- Usernames and passwords. Just because a site looks like your 365 login and asks for your 365 login, doesn’t always mean it’s actually 365 asking.