Fast response codes or QR gained popularity in the coronavirus pandemic as an alternative to access different contents and carry out procedures without contact.Menus in restaurants, plane tickets, public services receipts, film tickets, among others, already have this technology.
Although this mechanism is not new, because it was created by the engineer Masahiko Hara, of the dense company Wave in 1994 as a more effective alternative to bar codes, its use has been extended in the last decade to different sectors and allows you to open sitesweb, download applications, make payments and transfer money.
The adoption of this tool has made cybercounts worldwide seek new techniques to deceive users through this mechanism."QR codes are used as web links, which is why using them in a certain way exposes the same risks on the Internet, that is, these simple URLs can also be modified to redirect one user to another web page for malicious purposes.This is a widely used social engineering technique and in which the user understands that he entered a safe page, but was replaced by a malicious causing him to be a potential victim of phishing or some malware, "said Sol González, an expert inCybersecurity of the ESET Latin America.
Among the possibilities that attackers have when using QR codes are to raise administrator permissions on the phone and install software or application with viruses on the device.They can also send the user to a false page to steal access codes or enter cell payment applications and make transactions derived from robberies.
One of the modalities that has gained strength is qrljacking, an attack in which a WhatsApp user is a victim of kidnapping his account on the platform."This is a hoax that stands out for kidnapping the session through social engineering, for this they supplant services such as WhatsApp Web, with reference to the‘ login with QR code ’.The original QR code is replaced, and a QR code is inserted that enables the attacker.
To this is added another technique through which the user scanned the malicious QR code loads and automatically starts a phone call to a number that is already predefined and is one of the attackers.
This allows the offender to stay with the information of the call identifier, something that can generate other attacks such as the Sim Swapping, through which a duplicate of the SIM card is generated and the attacker is left with access to the cell lineof the victim.
Phishing modalities or malicious emails that exploit this tool have also been observed.In this case, said Roberto Martínez, a senior cybersecurity analyst of the Kaspersky company, the offender takes the user through the QR code that is in the mail to a false website where the login of a social network or a social network is requestedA Virtual Banking Branch.
"It is common for attackers to use short links, so it is more difficult to detect a false one when the smartphone requests confirmation," he added, cited by the same Colombian medium.
But this is not the only modality, it has also been observed - said Kaspersky's expert - that through this technology "frauds can add contact information in the victim's notebook with the name 'bank' to gain credibility in aCall in order to cheat; they could also make a call for charge, or they can simply know the location of the person in case they want to perform another criminal action ".
To prevent any of these attacks, it is important that you always distrust the codes you are going to scan and take measures before accessing them."Before scanning, the URL must be checked to the entrance, this can be done by disabling, in the case of mobile devices, the automatic opening of the links when scanning these codes," said Sol González.
I use tools such as Google Lens, which allows you to visualize the link before entering.There are free applications of recognized antivirus companies that allow you to review the codes on the phone to rule out an attack..Finally, use antivirus on your cell phone, which will allow you to block any safety violation.