QR Codes are being used for Cyberattacks!

As businesses begin to open again as lockdown slowly ends, businesses are finding ways to avoid physical contact and keep social distancing as much as possible. Instead of traditional menus, restaurants have mostly turned to digital menus and all businesses are required to perform tracking activities. These solutions, as well as others being implemented, often rely on “Mobile Quick Response” Codes, or as they are more commonly referred to, QR Codes. These black and white square codes are read by your smartphone’s camera and take you to a website or download. They have been used occasionally for a while but during Covid 19, their use has risen significantly, due to their value in contactless systems. Now, their use has spread to making financial transactions, visiting doctors offices, picking up prescriptions and a whole host of other things.

Whilst the benefit of this technology, especially in the current ecosystem, is great- there are not enough security considerations around the technology. Due to all of this increased use, cybercriminals have started using QR codes as a vector for attack. Because of the lack of awareness around QR code vulnerabilities, cybercriminals can place QR codes in places where they will be used by unsuspecting victims and instead of taking you to your intended website or download, they will take you to a compromised site or malicious download. Real world attacks have been happening where malicious parties have created adhesive labels with malicious QR codes that they place over legitimate QR codes to trick unsuspecting victims. This allows them to sit in the middle of transactions and capture payment information.

What to be aware of

IT Security firm, Ivanti has been researching this subject and says that these attacks have already been happening in parking garages and outdoor dining establishments. Another attack that is being performed is the use of QR codes in a type of phishing attack, where the code sends users to legitimate looking websites designed to steal credentials, credit card data, corporate logins or even links to automatic downloads that install malware onto mobile devices that look for private or corporate apps and data stored on a device. US Army’s Major Cybercrime Unit has issued an alert that malicious QR codes could:

· Add nefarious contact to the contact list.

· Connect the device to a malicious network.

· Send text messages to one or all contacts in a user’s address book.

· Complete a telephone call to a premium telephone number that imposes excess charges on the calling phone’s account.

· Send payments to a destination where they cannot be recovered.

· To exacerbate these risks, a significant number of people do not have any security software on their mobile devices, making them very vulnerable to attack.

To reduce the risks of getting caught out by one of these attacks, follow these tips:

· Ensure you have up to date security software installed on your mobile devices.

· Do not scan any QR codes you find out in public.

· Be suspicious of any requests for passwords or logins after scanning a QR code.

· Do not scan codes found in emails unless you know for certain they are trustworthy.

· Always verify with a member of staff if a QR code is printed on a label and applied atop another QR code.

How we can help?

We can offer management and implementation of Microsoft's "Intune", which is a solution that allows you to more securely manage your organisation's mobile devices. We can help secure your company owned mobile devices and your BYOD to ensure that even if a malicious QR code is scanned by someone accidentally, there is some device security implemented to protect company data and applications. Click the link below to talk to us more about this.


Source: ThreatPost

Solution: Speak to GB3s Systems Team

Contact Us: Here to help

30 views0 comments