Cybercriminals are increasing the use of QR codes to carry out social engineering attacks, with access to payment applications on mobile terminals being one of their main targets. Today we will give you some tips for QR code security:
Currently, QR codes are being widely used. You can find them everywhere, catalogs, magazines, restaurant menus, stores, and increase as a way to access information and services. Just by scanning a QR code with a smartphone, it is possible to directly access digital content. This circumstance is being exploited by hackers to redirect users to malicious programs or websites.
Improve QR code security
QR codes are secure. Once the codes’ content is generated, there is no way to reverse it unless it is the creator, and this if you can make the changes you want.
The security problem arises with the information connected to the QR code. For this reason, codes from trusted sources must be scanned. For QR Code security, be very careful with the codes you receive. There are different risks:
-Phishing: it may appear in emails from dubious pages. You should keep a close eye on this.
-Malicious software: they are usually QR codes that lead to downloads. For this reason, verify the URLs and make legal downloads.
-Harmful websites: one of the worst consequences. They can steal personal information, activate the camera, access browser data, send spam and even attack other users.
5 tips you should put into practice
The codes’ ability to “unlock” devices and take advantage of their applications can give hackers virtual “pickpocket” access to the information you have on your phone. We recommend:
- Frequently check that the QR codes present in the business have not been changed or modified by third parties.
- Ensure that the QR code redirects to the indicated web page, i.e., it points to the page or service it claims to point to. To do this, you can use reading apps that allow you to check the URL before opening it.
- Disable the automatic opening of links when scanning a QR code. In this way, the address to which the code links can be checked. It will only open if we give permission to access it.
- Check that the URL is from a trusted site and matches the one indicated in the letter, leaflet, or advertisement.
- In the case of using QR codes that facilitate access to certain transport services, leisure, or reserved areas, do not disclose the QR code through social networks as you could be a victim of fraud.
– Be careful with bit.ly links: with the power to shorten links, you are left in complete ignorance about the origin. To do this, check on the page itself. Simply add the + symbol at the end of the URL received to know complete clicks’ statistics.
– Avoid giving personal information: if it is a dubious website and ask you for personal data, refuse login, passwords, or credit card details. In fact, if it looks suspicious to you, don’t do it at all!
– Use security apps: anti-virus and anti-malware are essential on cell phones and computers. They can stop drive-by download attacks and give notifications of strange URLs.