QR codes are popping up more and more everywhere you go: on product labels, magazine adverts, posters and flyers. Reports of cybercriminals exploiting these codes by replacing the code graphic displayed with their own dodgy versions first came to light about a year ago. Last week, at a technology forum in London, Symantec representatives warned again of the threat of QR code clickjacking.
Scan me, I'm not shady
Often QR codes are used as a quick and handy way to share URLs with smartphone users. Looking at a QR code gives the consumer no clue as to what it may link to, and according to Symantec scammers have been exploiting this more and more. The reports last year of QR code misdirection were mainly from users snapping codes from spam adverts and so on in the digital realm. The latest warning is of scammers placing their QR codes on top of legitimate ones on posters and signs in areas with high traffic and footfall.
Snapping a QR code can take you to a website that is, for instance, a phishing copy of the legitimate website. Or the QR code link could take a user to a website with a malware payload. Remember, most Android users stuck on early versions of the fragmented OS don’t have the bug and security fixes enjoyed by the higher-end and more modern Android handsets. Gingerbread is the most popular target for Android malware.
Warren Sealey, director of enterprise learning and knowledge management at Symantec Hosted Services, said at the Ovum Banking Technology Forum 2012 in London last week that “we've seen criminals using bad QR codes in busy places putting them on stickers and putting them over genuine ones in airports and city centres”.
A recent report suggests that scanning of QR codes by European consumers is up 96 per cent over the last two years. The next time you see a QR code and are about to pull the trigger, please consider the likelihood of it having been swapped by scammers. At least look for signs of tampering, taping or an out-of-context design.