Saturday 9 December 2023

Beware of misleading QR code in public places QR codes in public spaces could be trying to trick you.

Cybercriminals place stickers with false codes on top of the real ones with the intention of introducing viruses into devices and stealing your money

Paying the bills


Bailey Bridge will ease traffic congestion in front of San Jose airport

QCOSTARICA -- On Friday (tomorrow) traffic will be enabled...

Half of Ticos will vote in municipal elections, UNA survey

QCOSTARICA -- 46.3% of voters are 100% convinced that...

Fidel’s Sister and Outspoken Critic, Juanita Castro, Dies in Miami

Q24N - Juanita Castro, the younger sister of Fidel...

Exploring the potential of AI in sports betting

Sports betting is a popular and exciting activity that...

18% of businesses report being affected by insecurity

QCOSTARICA -- 18% of businesses report having been harmed...

A disoriented government leads the country to the greatest security crisis in its history

QCOSTARICA -  Géiner Gómez is the agent of the...

Dollar Exchange

¢526.83 BUY

¢532.24 SELL

8 December 2023 - At The Banks - Source: BCCR

Paying the bills


QCOSTARICA — If you’re in the habit of scanning QR codes in public places, it is best to think twice before doing so, or at least make sure that they have not been violated in some way, as this could open a loophole for cybercriminals to access your cell phone and empty your bank account.

Cybercriminals who carry out these attacks have everything to gain and nothing to lose.

Yes, you should definitely take a second to think before you do so.

This method of known as ‘‘‘QRishing” or “skimming”, whereby criminals use a device placed in ATMs or other locations to access credit card information.

- Advertisement -

The ‘modus operandi’ basically consists of locating a QR code in a public place and subtly placing a sticker with a false code over a real one, which when scanned redirects the victim to a website that automatically introduces a malicious program such as ‘spyware’ into the mobile phone.

By trusting that you are entering a legitimate website, whether to view a restaurant menu or participate in a store promotion, for example, the virus manages to enter and infect the device, being able to steal sensitive data such as email and banking platform credentials and documents stored on the mobile device, ie a smartphone or tablet.

The 5 steps ‘QRishing’

  1. The cybercriminal replaces a valid QR code with a counterfeit one, usually by way of a sticker
  2. When scanned, the QR will redirect to a website pre-established by the hacker and with characteristics that allow the user to be deceived through social engineering techniques.
  3. Having entered the device, a malicious script program is downloaded, making it almost impossible for the victim to detect.
  4. Once the spyware virus has been planted, it is capable of reviewing bank transactions and any action that the user takes on their phone or tablet.
  5. Finally, by seizing credentials (ie login information, PIN) and any other sensitive information, the theft of funds in accounts and software blocking, among others, can be committed.

How to avoid becoming a victim

Of course, not everyone would scan a random QR code without an incentive or a caption explaining what they can expect to see. So cybercriminals often find another way to get people interested.

Scanning and reading a QR code mostly requires two things: a camera and a browser to follow the information in the QR code. As it’s so simple, that means it’s simple to avoid falling victim too.

Here’s how.

  • Block camera access on your device. Having an always-activated camera can also make it easy for you to scan a QR code without giving it a second thought.
  • Make sure to keep your software up to date. That way, you can avoid the risk of hackers finding weak spots in the apps or operating system you use without you even knowing.
  • Think it over before scanning. There’s no need to scan every QR code you come across.

The good thing is that QRishing is less common than other types of phishing because an attacker would need to invest some effort into distributing the malicious QR code. However, this form of phishing is relatively new, and not many people know about it.

- Advertisement -




- Advertisement -
Paying the bills
"Rico" is the crazy mind behind the Q media websites, a series of online magazines where everything is Q! In these times of new normal, stay at home. Stay safe. Stay healthy.

Related Articles

Bailey Bridge will ease traffic congestion in front of San Jose airport

QCOSTARICA -- On Friday (tomorrow) traffic will be enabled through the...

Half of Ticos will vote in municipal elections, UNA survey

QCOSTARICA -- 46.3% of voters are 100% convinced that they vote...

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.