QR codes are being more widely used as a way to help prevent the spread of germs due to COVID-19.
According to KTLA 5, the FBI is issuing a warning that cybercriminals are now targeting QR codes in hopes of stealing financial and personal information from victims. Restaurants and businesses have been using QR codes for customers to view menus, make payments, or to download certain items by using your cellphone camera.
These cybercriminals are interfering with the QR codes by redirecting them to "malicious sites" so they can steal your data or to install malware onto your smartphone. When the malware is installed, they can access the victims smartphone to steal personal information such as their bank account info.
Since it's really difficult to figure out the difference between a legitimate QR code from a malicious one, the FBI is warning people to be cautious when coming in contact with one, especially when using it as a way to make a payment.
Below are some tips provided by the FBI to avoid becoming a victim from the QR code scams:
- Make sure the URL code looks authentic and is the intended website (fake ones usually contain some kind of typo).
- Be cautious when you login, and use personal or bank information from sites being accessed by the QR codes.
- Inspect the code to make sure no one has tampered with it by placing a sticker over the original code.
- Use your phone's app store to download an app instead of using the one that the QR code has directed you to.
- If you make payments, do so with a trusted and known URL instead of the one used by the QR code.
- Be cautious of QR code scanner apps; your cellphone already has a built-in scanner through the camera.
- If someone sends you a QR code, double check to make sure it's valid.
If you have been a victim from the QR scams, report it right away to your local FBI field office or file a report online through the FBI's Internet Crime Complaint Center.