QR Codes – The hidden menace

IT Consultancy & Repairs, located in Crewe, servicing Cheshire and surrounding areas.

QR Codes – The hidden menace

0

So QR Codes, those handy little graphics that you scan on your phone. They are wonderful…. but not always.

Hackers and Criminals are using QR codes to steal money and other information from you. Often disguised as genuine QR codes, but often placed over the genuine QR Codes.

How attackers exploit QR codes
What can make QR code security threats especially problematic is the element of surprise among unsuspecting users. “I’m not aware of any direct attacks to QR codes, but there have been plenty of examples of attackers utilizing their own QR codes in the course of attacks,” says Chris Sherman, senior industry analyst at Forrester Research.“ The main issue is that QR codes can initiate several actions on the user’s device, such as opening a website, adding a contact, or composing an email, but the user often has no idea what will happen when they scan the code,” he says. “Normally you can view the URL before clicking on it, but this isn’t always the case with QR codes.”

A common attack involves placing a malicious QR code in public, sometimes covering up a legitimate QR code, and when unsuspecting users scan the code they are sent to a malicious web page that could host an exploit kit, Sherman says. This can lead to further device compromise or possibly a spoofed login page to steal user credentials.“This form of phishing is the most common form of QR exploitation,” Sherman says. QR code exploitation that leads to credential theft, device compromise or data theft, and malicious surveillance are the top concerns to both enterprises and consumers, he says.

If QR codes lead to payment sites, then users might divulge their passwords and other personal information that could fall into the wrong hands. “Many websites do drive-by download, so mere presence on the site can start malicious software download,” says Rahul Telang, professor of information systems at Carnegie Mellon University’s Heinz College. “Mobile devices in general tend to be less secure than laptops or computers. Since QR codes are used on mobile devices, [the] possibility of vulnerability is higher, too.” Because many of these mobile devices are used within the context of enterprise IT, the infiltration of the devices can become a security weak point for organizations, he says.

Recently the CEO of a British technology company warned the UK government about potential serious flaws in the security of personal information and data used in a new contact tracing app that relies on QR code scanning technology. The technology can be subject to a process called “attagging” or cloning, according to Louis James Davis, CEO of VST Enterprises. With attagging, a genuine QR code is replaced by a cloned QR code that redirects users to a similar website where personal data can be intercepted and breached.

You may see a QR code embedded in a PDF file, supposedly from HR telling you that you need to fill in your personal details. As these codes can not be decoded by anti malware scanners, they are getting through mail filters.

The problem is, once you have scanned it, you wont know you are going to a malicious site until its too late.

So, how do we protect against these attacks?

Don’t scan the codes unless you have 100% confidence it is ok, have a feel, does it feel raised on the sign you are scanning? Is the E-Mail genuine – ASK!!!

Protect yourselves at all times.

©  2025 Paul Clarke IT Consultancy. Built using WordPress and the Highlight Theme

Follow by Email
Facebook
FbMessenger