Risks of Using QRCodes and How To Mitigate it – Not As Safe as You Think

Iam Waqas
10/19/2021
Share this on:

Risk of using QR codesQR codes have long since been present around us, commonly used to store information of various kinds. These codes are a popular means of information storage and exchange, and you can find them almost everywhere. People and companies have used them to store and distribute information from restaurants, hospitals, and packaging ever since their advent in the 90s. They are smart, efficient, and easy to use.

Moreover, since they allow a virtual exchange of information, the rise of the coronavirus pandemic has somewhat increased their use. However, within the convenience they offer, the risks and dangers of using QR codes are often overlooked and forgotten.

 


 

Want more tech news? Subscribe to ComputingEdge Newsletter Today!

 


 

Why are QR codes not safe?

There are several incidents regarding the exploitation and misuse of QR codes. Various hackers and threat actors have used QR codes as an attack vector, including the American hacker Jester. They converted their Twitter profile into a QR code, coding it to search the scanner’s phone for activity over various extremist platforms. If there was any extremist activity detected on the person’s phone, the code programmatically raised user privilege and stole information from their phone.

The threat actor used the combination of social engineering and the QR tech for a malicious purpose. Apart from that, there are several instances where threat actors abuse QR codes in various aspects as an attack vector.

As the use of QR codes surged with the pandemic, threat actors have used that opportunity to further use this convenient technology for a sinister purpose. Research from September 2020 reveals the significant security risks QR codes pose to enterprises and individuals alike. The most common ways threat actors use to exploit QR codes are:

  • Embed QR codes with malicious URLs
  • Replace legitimate QR codes with compromised ones merely by pasting their QR codes on pre-existing ones.

With that, cybercriminals manage to launch various attacks on people. The most common security risks with QR codes are as follows:

 

1. Malware attacks

Cybercriminals might embed malicious URLs in publicly present QR codes so that anyone who scans them gets infected by malware. At times merely visiting the website might trigger the downloading of malware silently in the background. Apart from that, they might also send phishing emails containing QR codes that again infect the user’s device with malware when scanned.

The malware can then harm users in several different ways. It might open backdoors for more malware infections or silently steal the target’s information and send it to the cybercriminals. At times, these malware infections might even be ransomware attacks that would hold your information hostage for ransom.

Moreover, hacks might also use these malware infections to access the target device’s location, contact list of data. Spyware or a tracker might monitor the targets’ every move or open their webcams to carry out live feeds unbeknownst to them.

 

2. Phishing Attacks

QR codes are also used to serve in phishing attacks, a problem known as QPhishing. A cybercriminal might replace a legitimate QR code with the one embedded with a phishing website URL. The phishing website then prompts users to reveal the personal information that criminals sell over the dark web. Apart from that, they might also coerce you into paying for materials causing them financial gain.

These phishing websites have slight differences from legitimate websites, which makes them seem authentic to the victim. They are primarily exact replicas of the original with minor differences, such as the “.com” in the domain name can be replaced by something else such as “ai” or “in.”

 

3. Bugs in QR codes

At times it may also not be a threat actor working to exploit users. A mere bug within a QR code reader application. Hackers might use the bug to exploit cameras or sensors within phones or other devices. Threat actors might also exploit a bug or an issue within the legitimate URLs that the QR code links with.

This incident happened with Heinz back in September 2015 when their QR code directed users towards inappropriate websites. The QR code was a part of their promotion campaign that allowed users to create custom Ketchup bottles labels once they reached the site. However, the QR code directed users to a completely different and inappropriate website.

The issue was that Heinz had not renewed their registration of the domain name. When the domain name became available, a third party started using it.

 

4. Financial theft

QR codes have long since been an efficient manner of carrying out transactions and paying bills. Their use has grown exponentially during the covid-19 pandemic to promote “no-contact” communication and information exchange methods. QR codes are present at restaurants and even fuel stations for customers to pay. Within such public places, any threat actor can swap a legitimate QR code with a fake one so that the transactions go into their bank account.

 

How to maintain security with QR codes?

QR codes are popular, especially during these times with the covid-19 pandemic. These QR codes are the new normal of information exchange since they allow virtual communication, which is much-needed these days. However, considering the security risks involved, ensuring privacy and security while using these QR codes is best. Some of the best possible ways to mitigate these risks are as follows:

 

1. Scan QR codes of trusted sources only.

QR codes often spark curiosity which hackers and criminals often use. It is, therefore, best to remain careful and scan your QR codes from trusted sources only. This would ensure protection from malware and phishing attacks.

To ensure that the source is reliable for trust, a user needs to check the website URL and security, such as looking for SSL certificates. Only after confirming that these security measures are intact should a person share information or carry out transactions within that particular site.

 

2. Use QR scanners that display site URLs

Most QR scanners directly display the website after scanning the code. It is primarily third-party scanners that have this feature, and while it may seem convenient, it is dangerous as the link might be malicious. It is, therefore, best to use built-in QR scanners that come within smartphone cameras. These scanners display the site link before opening them, allowing the user to close the link before it opens if it seems suspicious.

 

3. Regularly update your device’s security.

Software patches and third-party security applications help ensure protection in the long run. Installing and regularly updating your device’s security software patches can help maintain security. Moreover, it is also crucial to enable third-party protection through robust antimalware software. It would provide maximum safety from malicious activity and notify you immediately regarding suspicious activity such as unauthorized access to the device’s data.

 

4. Remain vigilant

While making online transactions through QR codes, remain vigilant and pay close attention to detail. Closely inspects the QR code to see if it has been swapped or tampered with otherwise. If you find something wrong with the QR code, it is best to avoid using it and find other modes of transactions.

 

Final words

Cyber security issues are on a constant rise, especially with the spread of coronavirus. Within the world’s haphazard shift towards digitization, many criminals have come up with innovative attack vectors to exploit people and organizations alike. QR code risks and threats are other examples of this exploitation. Therefore, amidst all these issues, it is best to try and ensure security and privacy by remaining vigilant.