
How Cybercriminals Exploit QR Codes to Their Advantage

Since the outbreak of the COVID-19 pandemic, there has been a dramatic change in consumer technology across the globe. Quick Response (QR) code technology was well received and widely used as people turned to contactless transactions. However, the rise of digital transactions via QR code technology also introduced new cyber threats, which most people are unaware of.

By Rudra Srinivas, Senior Feature Writer, CISO MAG

According to research, more than 1.5 billion people leveraged QR codes for digital transactions in 2020 globally, and threat actors have already exploited the trend.

How QR Code Technology is Abused

A QR code is a barcode that allows users to instantly access information using a digital device. QR codes store data as a series of pixels in a square-shaped grid and are mostly used to track details of a particular product in a supply chain. Consumer-based QR codes pose severe security threats to corporate systems and data. Several cybercriminal groups exploit QR codes via Quishing and QRLjacking attacks to compromise targeted devices and steal sensitive financial data.

Types of QR Code Attacks

Like phishing attacks, threat actors use different lures and tactics to trick users into scanning the malicious QR code. The types of QR code attacks include:

1. Quishing

In a Quishing attack, threat actors send a phishing email containing a malicious QR code attachment. Once the user scans the QR code, it will direct the user to a phishing page that captures sensitive data like users’ login credentials.

2. QRLjacking

Most organizations use Quick Response Code Login (QRL) as an alternative to password-based authentication procedures. A QRL allows users to log in to their accounts by scanning a QR code, which is encrypted with the user’s login credentials.

QRLjacking is like a social engineering attack capable of session hijacking, and it affects all accounts that rely on the "Login with QR code" feature. In a QRLjacking attack, threat actors trick unwitting users into scanning a specially crafted QRL rather than the legitimate one. Once the victim scans the malicious QRL, the device gets compromised, allowing the attacker to take complete control of the device.


Additionally, threat actors leverage “honeypot” techniques such as enticing users to scan a QR code with the offer of a free Wi-Fi network. Bad actors also replace QR codes in public places with malicious ones that redirect users to phishing sites. The malicious QR codes can connect the victim’s device to a malicious network to reveal the user’s location and initiate fraudulent payments. Most fraudulent QR codes can easily evade traditional security detections that only scan the email or site content rather than suspicious barcodes.

How to Prevent QR Code Attacks

While avoiding QR code scans may be impractical, taking certain proactive measures may help mitigate the risks associated with QR code technology.

  • Do not log in to an application or service via a QR code.
  • Remember, there is no need to scan a QR code to receive money. So, never believe it when someone encourages you to do so.
  • Never initiate a payment if scanning a QR code brings up a prompt asking you to enter sensitive information.
  • Avoid scanning random QR codes from suspicious or unknown sources.
  • Do not scan QR codes received via emails from unknown sources.
  • Ensure the QR code is the original and has not been pasted over with another one.
  • Use QR scanner software to view the URL before clicking on it.
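
The last tip, viewing the destination before opening it, can be turned into a repeatable check. The Python sketch below is an added example, not part of the original article: it assumes the QR code has already been decoded to text by a scanner, and the function name `inspect_qr_payload`, the shortener list and the sample payloads are illustrative assumptions. It covers the two payload kinds the article describes, links to web pages and Wi-Fi join requests.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: a short, illustrative list of link-shortener hosts; extend locally.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "shorturl.at"}

def inspect_qr_payload(payload: str) -> dict:
    """Classify decoded QR text and list reasons to pause before acting on it."""
    text = payload.strip()
    findings = []
    if text.upper().startswith("WIFI:"):
        # Wi-Fi payloads make the device join a network chosen by the code's author.
        # Simplification: escaped ';' inside field values is not handled.
        fields = dict(p.split(":", 1) for p in text[5:].split(";") if ":" in p)
        findings.append("joins Wi-Fi network %r" % fields.get("S", "?"))
        if fields.get("T", "nopass").lower() == "nopass":
            findings.append("network is open (no encryption)")
        return {"kind": "wifi", "findings": findings}
    parts = urlsplit(text)
    scheme = parts.scheme.lower()
    if scheme not in ("http", "https"):
        if scheme:
            findings.append("non-web scheme %r may open another app" % scheme)
        return {"kind": "uri" if scheme else "text", "findings": findings}
    host = (parts.hostname or "").lower()
    if scheme == "http":
        findings.append("no TLS (http)")
    if parts.username or parts.password:
        findings.append("userinfo before '@' hides the real host")
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode host (possible lookalike domain)")
    if host in SHORTENERS:
        findings.append("link shortener hides the destination")
    try:
        ipaddress.ip_address(host)
        findings.append("raw IP address instead of a domain name")
    except ValueError:
        pass  # host is a name, not an IP literal
    return {"kind": "url", "host": host, "findings": findings}

if __name__ == "__main__":
    # Constructed sample payloads (documentation-range addresses and domains).
    for sample in ("http://login.example.com@203.0.113.7/pay",
                   "WIFI:T:nopass;S:Free_Airport_WiFi;;",
                   "https://www.example.com/menu"):
        print(sample, "->", inspect_qr_payload(sample))
```

An empty findings list only means none of these specific warning signs were present; it does not show that the destination is legitimate.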

Conclusion

QR code attacks, like ransomware and phishing attacks, are becoming more frequent across the global threat landscape. With new kinds of cyber threats predicted to surge in 2022, users should be vigilant about the risks involved and think before scanning their next QR code.

About the Author:

Rudra Srinivas is a Senior Feature Writer and part of the editorial team at CISO MAG. He writes news and feature stories on cybersecurity trends.       
