Cybercriminals Attack the QR Code | Antivirus Software

Cybercriminals are always on the lookout for new, ever more sophisticated ways to use the social engineering of the QR code to access consumers' personal data.

Smartphones continue to be users' preferred terminal for communication, entertainment, and transactions with ease, say  Security Experts who deliver its predictions for 2021. The QR code then appears as a fast and convenient entry mechanism to make mobile transactions more efficient. The use of these codes has developed in many areas, including product marketing, packaging, restaurants, retail, and entertainment in particular. In this unprecedented period, QR codes are helping to limit direct contact between businesses and consumers in all settings: from restaurants to beauty salons, including fitness centers. Users then have the ability to easily scan the code, and make purchases of products or services.

A September 2020 survey by Mobile Iron found that 86% of those surveyed had scanned a QR code in the past year, and more than half (54%) reported an increase in the use of this system since. the start of the pandemic. Respondents felt more secure using this mechanism in restaurants or bars (46%) as well as in retailers (38%). Two-thirds of respondents (67%) believe that this technology makes life easier in this period when contact is to be avoided and, more than half (58%) want it to be used more widely in the future.

1.7 billion is the estimated number for the number of coupons using scanned QR codes worldwide in 2017, this number is expected to triple to reach 5.3 billion by 2022. The use of QR codes on Consumer product packaging has also grown sharply indeed, such “smart” packaging is growing at an annual rate of 8% globally.

The report also reveals that while 69% of respondents believe they can distinguish a malicious URL, only 37% believe they can detect a malicious QR code. Almost two-thirds (61%) of those surveyed know that these codes can open a website and almost half (49%) know that a QR code can download an application. However, less than a third (31%) are aware that this code can make a payment, entice a user to follow someone on social networks (22%), or even make a phone call (21%). A quarter of respondents admit having scanned a QR code that had an unexpected result (such as being redirected to a questionable website), and 16% say they are not sure that the QR code has actually accomplished its mission.

The lack of user knowledge on how this technology works makes it a useful tool for cybercriminals. In the past, they have been used in phishing programs to prevent anti-phishing solutions from identifying malicious URLs in emails. They can also be used on websites or social networks.

In this type of scheme, victims scan fraudulent QR codes and end up on malicious websites where they are asked to provide usernames, personal information, usernames, passwords, as well as information. payment, which criminals then exploit. These sites can also be used to simply download malware onto a user's device.

Security Experts predict that cybercriminals will increasingly use these QR code systems and also expand them using social engineering techniques. For example, knowing that professionals are looking to download apps that generate QR codes, malicious actors will trick consumers into downloading malicious apps that claim to do the same. Unfortunately, instead of generating a code, the app will steal the owner's data, which the crooks can then use for various fraudulent purposes.

Install advanced antivirus software and protect your data from fraudulent QR code attack.

Despite the fact that QR codes are considered a safety mechanism, there is a high probability that this technology will be misused by malicious actors in 2021 and beyond.