The FBI is Alarmed by the Spike in Fake QR Code Usage

The FBI is Alarmed by the Spike in Fake QR Code Usage

These boxy little codes have exploded in popularity in recent years, both as marketing tools and as savvy ways to avoid physical contact in public environments. Restaurants began asking customers to access virtual menus via QR codes at the start of the pandemic, in lieu of sanitizing physical menus or paying to print disposable paper ones. Entrepreneurs are known to carry business cards with QR codes in the corners, linking to their websites or social media; guerilla artists slap QR codes onto public poles to generate interest in their latest exhibition.

But according to the FBI, QR codes found out in the physical world (versus the virtual one) should be approached with caution. The agency warns that cybercriminals have begun tampering with QR codes to redirect those who scan them to malicious websites. Some of these websites are said to install malware onto victims’ phones and redirect otherwise innocent payments to the criminal. Others prompt victims to enter their financial institution credentials, giving the criminal access to the victim’s bank accounts. While virtual QR codes are tougher to tamper with, bad actors can easily stick altered codes over pre-existing ones in physical environments. And without more than just a glance, a hungry diner who’s just been seated at their favorite eatery might not notice the difference.

The FBI is Alarmed by the Spike in Fake QR Code Usage

It’s important to note that the FBI isn’t asking the public to do away with QR codes completely; after all, the codes have proved an excellent way for individuals and businesses to connect without contact and improve operational efficiency. Instead, the FBI is asking people to look twice before scanning physical codes. The agency recommends that before engaging with a QR code’s destination site, individuals inspect the URL for any typos or misplaced letters; avoiding app downloads and payments via QR code can be a helpful practice, too, since both can usually be conducted through a more trustworthy source, like a mobile app store or official company website. The FBI also suggests that people exercise caution when entering their login credentials or bank information online, though this is just basic internet hygiene.

Those who have personally encountered maliciously-altered QR codes are encouraged to report their experiences at the FBI’s Internet Crime Complaint Center for possible investigation.

Continue reading

Smoke Triggers Alarms on the International Space Station
Smoke Triggers Alarms on the International Space Station

Smoke alarms aboard the ISS went off in the wee hours this morning, accompanied by a smell of burning plastic. Roscosmos says it's no big deal, but Roscosmos says a lot of things.

Mozilla’s 2018 Internet Health Report Rings Alarm Bells
Mozilla’s 2018 Internet Health Report Rings Alarm Bells

Mozilla's report on the internet's state of health is available — and it's anything but happy.

iFixit: The Samsung Galaxy Fold is ‘Alarmingly Fragile’
iFixit: The Samsung Galaxy Fold is ‘Alarmingly Fragile’

iFixit took the Galaxy Fold apart and the news isn't good. Unless Samsung strengthens and protects the design, you're going to need to be extremely careful with this phone.