As most organizations embrace contactless technologies due to the COVID-19 pandemic especially with the growing number of new tech tools helping companies all over the world to rethink the way they interact with their consumers, many are unknowingly opening their flanks to scammers. For instance, restaurants have opted to use QR codes so that customers can browse menus on their phone or make contactless payments without risking possible transmission.
Africa’s leading cyber security outfit Check Point, is warning mobile users of the security risks of QR codes. The cybersecurity solutions company says that hackers are looking to take advantage of QR codes’ new popularity, by replacing legitimate QR codes with one that launches a malicious URL or tries to download customized malware. A recent survey by MobileIron showed that from March to September 2020, 38% of respondents scanned a QR code at a restaurant, bar or café, and 37% scanned a code at a retailer. Over half (51%) of respondents stated they do not have, or did not know if they had security software installed on their phones. In many cases, these phones hold both personal and business apps and data, putting organizations at increased cyber-risk.
“We need to remember that a QR code is nothing more than a quick and convenient way to access an online resource, and we can’t be certain that the resource is legitimate until after we’ve already scanned the code – which means that an attack could have already started,” says a Check Point .
“QR codes are not inherently secure or trustworthy, and hackers know that a majority of people have little or no security on their phones at all, so we strongly advise everyone to use a mobile security solution to protect their devices and data against phishing, malicious apps and malware.”