QR Code Scams: What They Are and Tips to Protect Yourself – Times of India

A recent report revealed that India has witnessed a rise in QR code scanning scams. According to a recent report by Palo Alto Networks, Bengaluru alone saw an estimated 21,000 incidents from 2017 to May 31, 2023, representing 41 percent of incidents related to QR codes, malicious links, or debit/credit card fraud.
The report also highlights the significant challenge in differentiating between genuine and fraudulent QR codes, as most are visually similar. Using this similarity, attackers replace legitimate QR codes with their own. So, for those who rely heavily on digital payments, it has become very important to be on the lookout for these kinds of scams and keep some tips in mind to protect yourself.
What is QR code fraud?
A QR code scanning scam is a fraudulent scheme designed to trick people into scanning a malicious QR code. When scanned, the QR code can redirect users to a phishing website or start installing malware on their device. Such scams are orchestrated to steal personal and financial information or gain unauthorized control over the victim's device.
how QR code scams working
1. Fraudsters create a malicious QR code: Fraudsters create a QR code that looks like it comes from a legitimate source, such as a popular brand or company. They can place the QR code in a public place, such as on a poster or sticker, or they can send it to the victim via email or text message.
2. Victims scan a QR code: When victims scan a malicious QR code, they are taken to a phishing website or web page that prompts them to download malware. A phishing website may look like a legitimate website of a popular brand or company and may ask victims to enter personal information or financial information. Malware can be disguised as a harmless app or file and can be downloaded without the victim's knowledge or consent.
3. Fraudsters steal information or control devices: After a victim enters their personal or financial information on a phishing website, or after they download malware, fraudsters can steal that information and use it for their own purposes. Malware can also give crooks remote access to the victim's device, allowing them to steal more information or even control the device.
Tips for protecting yourself from QR code scams
* Avoid scanning QR codes you find in public places, especially if they are not from a trusted source.
* Before scanning the QR code, use a QR code scanner app that can show you the destination URL. If the URL looks suspicious or does not match the expected destination, do not scan the QR code.
* Only download apps from official app stores like Google Play or Apple's App Store. Do not download apps from QR codes or unknown websites.
* Install security software on your device to protect against malware. Update your security software with the latest definitions.
* Be aware of the signs of phishing scams, such as emails or text messages asking for your personal or financial information. Do not click on links or enter information on websites you do not trust.