FBI Warns of QR Code Cybercrimes

The FBI is warning the public that cybercriminals have been tampering with Quick Response (QR) codes to redirect victims to malicious sites that steal their login and financial information, according to a Tuesday (Jan. 18) public service announcement.

“Businesses use QR codes legitimately to provide convenient contactless access and have used them more frequently during the COVID-19 pandemic,” the announcement stated. “However, cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device and redirecting payment for cybercriminal use.”

Cybercriminals can tamper with both digital and physical QR codes, replacing legitimate codes with malicious ones, according to the announcement. The fraudulent QR codes may also contain embedded malware that allows cybercriminals to gain access to the victim’s mobile device and steal personal and financial information, which they can then use to take money from the victim’s accounts.

Cybercriminals can also replace QR codes used by businesses for payments with a tampered QR code and redirect the sender’s payment to the criminal’s account, the announcement stated.

“While QR codes are not malicious in nature, it is important to practice caution when entering financial information as well as providing payment through a site navigated to through a QR code,” according to the announcement. “Law enforcement cannot guarantee the recovery of lost funds after transfer.”

Cybercrime isn’t going away any time soon, and it’s getting more sophisticated every day. Last year, hackers from North Korea swiped close to $400 million in cryptocurrencies in at least seven cyberattacks that targeted investment firms and centralized exchanges, with 58% being ether and just 20% being bitcoin.

Read more: North Korean Hackers Swiped $400M in Crypto Last Year

The fraudsters made use of phishing lures, code exploits, malware and advanced social engineering to funnel the funds from connected “hot” wallets into addresses controlled by the Democratic People’s Republic of Korea (DPRK), then laundered the money and cashed out.