TIME.CO, Jakarta – Global security company Kaspersky warned that behind the convenience of use QR Code (QR Code), significant vulnerabilities exist. QR codes are used for a variety of purposes, such as quickly completing surveys, downloading useful content, and visiting websites of interest, simply by pointing your phone at an image.
On regular links the traps of cybercriminals can be found easily, because the warning signs are well known, such as typos or extra characters in the site address, disguised redirects, strange domain zones and so on.
“But for QR codes, no one can guess where the pile of black boxes will take you,” Kaspersky said in a statement on Wednesday, Sept. 6, 2023.
Kaspersky explains how QR codes can pose a threat and how not to fall victim to online scammers, like a 60-year-old Singaporean who lost up to $20,000 after scanning a QR code while buying bubble tea.
The Straits Times reported that the woman visited the bubble tea shop and saw a sticker pasted on the glass door, inviting customers to take an online survey for a free cup of milky tea.
Apparently, the sticker has been exploited. The scam code contains a link to download a third-party Android application, which is said to be used to take surveys. However, this is actually a dangerous application.
Once installed, the program requests access to your camera and microphone and activates Android’s accessibility services. This service built into Android allows cybercriminals to view and control the victim’s screen, as well as disable facial and fingerprint recognition.
This way attackers can force victims to manually type their banking app passwords if needed. The scammers just have to wait for the victims to log in, intercept their credentials and then use them to transfer all the money to their accounts.
Announcement
In order not to become a victim of misuse of fake QR codes, Kaspersky advises users to pay attention to the following:
– Check the linked site address in the QR code carefully and look for any common warning signs.
– Make sure the intended and actual content match. For example, if the code is supposed to lead to a survey, logically there should be some sort of form with answer choices. If not, close the site immediately. But even if the page does not arouse suspicion, you should still be careful: it could be a high-quality fake.
– Don’t download apps via QR code. Usually, genuine applications can always be found on Google Play, App Store or other official platforms. Under no circumstances may applications from third-party sources be installed.
– Protect your device with a reliable security solution. A built-in QR scanner lets you check links buried in a maze of boxes. Furthermore, Kaspersky’s solution will block attempts to visit dangerous sites and protect you from many other threats in cyberspace.
Always update latest information. Listen latest news and selected news from Tempo.co on the Telegram channel “Tempo.co Update”. Click https://t.me/tempodotcoupdate join. You have to-to install First the Telegram application.
Quoted From Many Source
