QR codes are handy and therefore used ever more widely. But there are also pitfalls to this technology, which are brazenly exploited by criminals.
From simple links to instructions for a bank transaction: just about any type of information can be stored inside those black-and-white patterned boxes. With the right app, these can be read and are often automatically processed, too. This and the fact that the content of a QR code can only be read by humans once scanned plays into the hands of fraudsters.
In the Netherlands for instance, fraudsters waylaid passers-by, asking them to pay a parking ticket for them using a QR code. In the process, this scam however resulted in those helpful and innocent victims disclosing their access data to their bank account, which was then emptied of all funds.
Of course there are also impersonal methods of scamming via QR codes, for instance by simply pasting over a payment code. All payments made by scanning any such pasted-over QR codes end up directly in a scammer’s account and not in that of the recipient originally intended.
QR codes can increasingly also be found in phishing mails. They are used to hide malicious websites from antivirus software.
Protect yourself by following the tips below:
- Only ever use QR code scanners which display the content of a code to you first and don’t process it straight away.
- Always check the link destination or payment information once you have scanned a QR code before opening the target page or finalising a transaction.
- Don’t let anyone talk you into paying using a QR code.
- Only use QR codes in any such situations where you consider their use normal or harmless.
If you are concerned that you have been scammed, raise the alarm with your financial institution directly, and also immediately change your access data.
Source: https://blog.malwarebytes.com/scams/2019/07/qr-code-scam-can-clean-out-your-bank-account/