FBI Cautions When Using QR Codes

Share This TechTip

A few weeks ago, I wrote a TechTips article on the growing popularity of using QR codes in your marketing. It seems like QR codes are everywhere. Restaurants use them to allow you to download menus. You see them in print articles and publications, sending you to a particular website or webpage.

They are becoming quite helpful. And cybercriminals are paying attention.

A couple of recent articles have highlighted the potential danger of scanning a QR code without thinking about security and the potential for scammers to use those codes to steal information.

I recommend you read both these articles, as well as the FBI announcement.

In January, the FBI released a public service announcement highlighting how cybercriminals are tampering with QR codes and providing some suggestions for how you can protect yourself.

To recap, here is the list of steps the FBI recommends you take to protect yourself from QR code scams:

  • Once you scan a QR code, check the URL to ensure it is the intended site and looks authentic. A malicious domain name may be similar to the intended URL but with typos or a misplaced letter.
  • When entering login, personal, or financial information on a site navigated from a QR code, practice caution.
  • If scanning a physical QR code, ensure the code has not been tampered with, such as with a sticker placed on top of the original code.
  • Do not download an app from a QR code. Use your phone’s app store for a safer download.
  • If you receive an email stating a payment failed from a company you recently made a purchase with and the company says you can only complete the payment through a QR code, call the company to verify. Locate the company’s phone number through a trusted site rather than a number provided in the email.
  • Do not download a QR code scanner app. This increases your risk of downloading malware onto your device. Most phones have a built-in scanner through the camera app.
  • If you receive a QR code that you believe to be from someone you know, reach out to them through a known number or address to verify that the code is from them.
  • Avoid making payments through a site navigated from a QR code. Instead, manually enter a known and trusted URL to complete the payment.

If you believe you’ve been a victim of a QR code scam, report the fraud to your local FBI field office at www.fbi.gov/contact-us/field-offices. The FBI also encourages victims to report fraudulent or suspicious activities to the FBI Internet Crime Complaint Center at www.ic3.gov.

QR codes are a great tool that can help take some friction out of prospects and help customers quickly get the information they want. And, like many other things, a bit of caution is advised.

More TechTips To Explore

Cybersecurity

Pitfalls to Avoid in Your Cyber Journey

Many businesses are sitting down right now to finalize budgets and lay out their plans and goals for the new year. For those focused on creating a more formal cybersecurity approach to address cyber risk, Ryan Smith shares a few tips to help you through the process.

Read More »

Unleash Your Agency's Potential

Check out our Platinum & Premium Solution Providers.

Forgot Password?

Forgot Password?

Sign up for your free 30-day free trial!

 

Let's do this

Together

We’re thrilled to invite you into Catalyit. Fill out the form to get your free, limited access – your community awaits!

Already a Basic or Full Access Subscriber?

ALERT!

Vault videos are only visible to Full Access subscribers!

Sign in or upgrade now to unlock all Catalyit content and watch this webinar on-demand.

ALERT!

This content is only visible to Catalyit Full Access subscribers!

Sign in or upgrade now to unlock all Catalyit content.

ALERT!

This content is only visible to Catalyit subscribers!

Sign in, get started free, or upgrade now to unlock all Catalyit content.

ALERT!

Vault videos are only visible to Full Access subscribers!

Upgrade now to unlock all Catalyit content and watch this webinar on-demand.

Let's do this

 

Let's do this

Fill out the form below to get free Basic Access to Catalyit and activate your Trava account.

 

ALERT!

Solution Provider Profiles are only visible to Full Access subscribers!

Upgrade now to unlock all Catalyit content and learn more about this Solution Provider.