The dangers of scanning QR codes from email
QR or Quick Response code is an easy way to link to full content. But the issue is that you don’t know where you’re going, and it can lead to a dangerous trap set by cybercriminals.
Unfortunately, cybercriminals have found ways to exploit QR codes, using them as a tool for phishing and malware distribution. Scammers often send fraudulent emails containing QR codes, enticing recipients to scan them. Once scanned, these codes can lead to various malicious actions, such as:
- Fake websites: redirecting users to fake websites designed to steal personal information like usernames and passwords.
- Malware downloads: scanning a QR code can trigger the download of malicious software onto your device, compromising your organisation’s security and privacy.
- Financial fraud: scammers can use QR codes to initiate unauthorised transactions or steal funds from your digital wallets.
- HR scam: scammers can send you a fake “payroll” email with a QR code that takes you to a malicious website, requiring you to fill in your credentials to get a fake “salary increase, compensation modification, insurance revision etc.”
Keeping your organisation safe and secure is a top priority. This means staying alert and vigilant, whether at work or on personal devices.
Take precautions today
Always verify the legitimacy of the source before scanning any QR code. If you receive an email with a suspicious QR code. You can use the SLAM technique:
S: check the sender’s email address
L: verify links
A: beware of attachments
M: read the message carefully for ‘phishing’ methods urging you to take immediate action.
If you receive an email with a suspicious QR code, report it to your security department.