Woman looking at phone
05/25/22

To QR or Not To QR

QR codes (i.e. Quick Response codes) have been around since the 1990’s with widespread use beginning in the early 2000’s. In recent years, the use of QR codes has surged. No matter where you go (a restaurant, an event, or viewing an advertisement) you will probably encounter a QR code. As with every piece of technology, there comes the need to understand the risks involved.

“In 2021, 75.8 million smartphone users in the United States scanned a QR code on their mobile devices, up by 15.3 percent compared to 2020.” QR code usage is projected to grow by over 30% by the year 2025, with over 99 million users scanning QR codes. ¹

It seems like more people are using them than ever before, so what risk is there with a tiny little square?

Cybercriminals are using fraudulent QR codes to collect personal and financial information. Personal information can range from login credentials to mailing addresses whereas financial information can range from credit cards to bank account numbers! For example, the city of Austin, TX experienced a QR scam where people scanned QR codes placed on parking meters and paid for their parking (or so they thought) on a fraudulent website. ²

What can you do to help avoid being a victim of a fraudulent QR code? While there is no fool-proof way to avoid this, there are a few things you can do to help spot a fraudulent QR code.

  1. Consider the Source: If you’re at a restaurant, make sure that the server is the one directing you towards their QR code. Regardless of where you’re accessing the code, don’t make an assumption.
  2. Use Your Best Judgement: No one around to verify authenticity? Does the QR code look like it belongs to the original work? If not, it could be fraudulent. Be wary of stickers posted on top of original posters or flyers.
  3. Question Requests for Personal Information: Does the link the QR code take you to immediately ask for personal information? While this may be the intent of some QR codes, be vigilant to ensure it’s not fraudulent.
  4. Review for Accuracy: Many smartphone cameras now show a preview of the link that you intend to follow. Simply review the link to ensure that it appears legitimate and matches what you expect to be seeing. Misspellings or unfamiliar variations of the website URL would be clear signs to forgo following the link.  
  5. Do Not Scan from Email: Many scammers will include QR codes within emails. This is a red flag; do not scan! From an email, a link should be sufficient to direct you to a website, however, QR codes often bypass security software. 
  6. Use a Password Manager: This one sounds counterintuitive. But consider this: if a fraudulent QR code brings you to a seemingly legitimate website, you may unintentionally enter in a username and password which then compromises your login credentials. However, using a password manager will add a layer of protection in, simply because the fraudulent URL will not match your login credentials.
  • Password Manager Credentials:
    • Username: kellygirl
      • Password: panthers2-21^
      • Website: justwildcats.com
  • Credentials from Memory
    • Username: kellygirl
      • Password: panthers2-21^
      • Fraudulent Website: justwildacts.com

Did you spot the variance? Something very small can make a huge difference. The password manager will know not to fill in the login credentials because the website does not match what you have saved.

Fraudulent QR codes is one more evidence of how cybercriminals are looking for lucrative opportunities to capitalize on a new technology. Using the tips above will help you avoid accessing fraudulent websites via QR codes. We’re here to help you know what to look for and provide you with tools to help protect yourself. 

If you haven’t subscribed to IDSeal, don’t wait another day! IDSeal includes identity theft and device protection features that help to protect you from the schemes of thieves and cybercriminals. Click here to get started with the industry’s leading identity theft and device protection plans.

¹ Source: https://www.statista.com/statistics/1297768/us-smartphone-users-qr-scanner/#statisticContainer

It is not possible to prevent all identity theft or cybercrime, or to effectively monitor all activity on the internet. IDSeal cannot and does not guarantee complete protection against cybercrime or identity theft. IDSeal does not monitor the activities of all financial institutions, or all activities of any particular financial institution.

IDSeal Pro-Tec provides tools and resources to protect your data and identity, but no one can prevent all cybercrime or identity theft. Your own efforts are important to prevent unauthorized access to your personal information.

To QR or Not To QR
05/25/22

To QR or Not To QR

QR codes (i.e. Quick Response codes) have been around since the 1990’s with widespread use beginning in the early 2000’s. In recent years, the use of QR codes has surged. No matter where you go (a restaurant, an event, or viewing an advertisement) you will probably encounter a QR code. As with every piece of technology, there comes the need to understand the risks involved.

“In 2021, 75.8 million smartphone users in the United States scanned a QR code on their mobile devices, up by 15.3 percent compared to 2020.” QR code usage is projected to grow by over 30% by the year 2025, with over 99 million users scanning QR codes. ¹

It seems like more people are using them than ever before, so what risk is there with a tiny little square?

Cybercriminals are using fraudulent QR codes to collect personal and financial information. Personal information can range from login credentials to mailing addresses whereas financial information can range from credit cards to bank account numbers! For example, the city of Austin, TX experienced a QR scam where people scanned QR codes placed on parking meters and paid for their parking (or so they thought) on a fraudulent website. ²

What can you do to help avoid being a victim of a fraudulent QR code? While there is no fool-proof way to avoid this, there are a few things you can do to help spot a fraudulent QR code.

  1. Consider the Source: If you’re at a restaurant, make sure that the server is the one directing you towards their QR code. Regardless of where you’re accessing the code, don’t make an assumption.
  2. Use Your Best Judgement: No one around to verify authenticity? Does the QR code look like it belongs to the original work? If not, it could be fraudulent. Be wary of stickers posted on top of original posters or flyers.
  3. Question Requests for Personal Information: Does the link the QR code take you to immediately ask for personal information? While this may be the intent of some QR codes, be vigilant to ensure it’s not fraudulent.
  4. Review for Accuracy: Many smartphone cameras now show a preview of the link that you intend to follow. Simply review the link to ensure that it appears legitimate and matches what you expect to be seeing. Misspellings or unfamiliar variations of the website URL would be clear signs to forgo following the link.  
  5. Do Not Scan from Email: Many scammers will include QR codes within emails. This is a red flag; do not scan! From an email, a link should be sufficient to direct you to a website, however, QR codes often bypass security software. 
  6. Use a Password Manager: This one sounds counterintuitive. But consider this: if a fraudulent QR code brings you to a seemingly legitimate website, you may unintentionally enter in a username and password which then compromises your login credentials. However, using a password manager will add a layer of protection in, simply because the fraudulent URL will not match your login credentials.
  • Password Manager Credentials:
    • Username: kellygirl
      • Password: panthers2-21^
      • Website: justwildcats.com
  • Credentials from Memory
    • Username: kellygirl
      • Password: panthers2-21^
      • Fraudulent Website: justwildacts.com

Did you spot the variance? Something very small can make a huge difference. The password manager will know not to fill in the login credentials because the website does not match what you have saved.

Fraudulent QR codes is one more evidence of how cybercriminals are looking for lucrative opportunities to capitalize on a new technology. Using the tips above will help you avoid accessing fraudulent websites via QR codes. We’re here to help you know what to look for and provide you with tools to help protect yourself. 

If you haven’t subscribed to IDSeal, don’t wait another day! IDSeal includes identity theft and device protection features that help to protect you from the schemes of thieves and cybercriminals. Click here to get started with the industry’s leading identity theft and device protection plans.

¹ Source: https://www.statista.com/statistics/1297768/us-smartphone-users-qr-scanner/#statisticContainer

It is not possible to prevent all identity theft or cybercrime, or to effectively monitor all activity on the internet. IDSeal cannot and does not guarantee complete protection against cybercrime or identity theft. IDSeal does not monitor the activities of all financial institutions, or all activities of any particular financial institution.

IDSeal Pro-Tec provides tools and resources to protect your data and identity, but no one can prevent all cybercrime or identity theft. Your own efforts are important to prevent unauthorized access to your personal information.

Recent Posts
Archives
Start protecting your identity today! Signing up is quick & easy
Remember, 1-in-4 Americans are the victim of identity theft. It's not a matter of if you'll become a victim. It's when...

1It is not possible to prevent all identity theft or cybercrime, or to effectively monitor all activity on the internet. IDSeal cannot and does not guarantee complete protection against cybercrime or identity theft. IDSeal does not monitor the activities of all financial institutions, or all activities of any particular financial institution. Review the IDSeal Terms and Conditions for specific details regarding IDSeal services.

2The Identity Theft Insurance is underwritten and administered by American Bankers Insurance Company of Florida, an Assurant company under group or blanket policy(ies). The description provided in the Summary of Benefits is a summary and intended for informational purposes only and does not include all terms, conditions and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions. Review the Summary of Benefits.

3Recurring pricing shown excludes applicable sales tax. By enrolling as an IDSeal member under any plan, you authorize IDSeal to charge your payment method (credit/debit card) on a recurring basis for the fees associated with your membership plan. Review the IDSeal Terms and Conditions for important information regarding your membership, including your membership term, and your right to cancel; and review the IDSeal Privacy Policy for information regarding how IDSeal collects and processes your information.

4The credit scores provided are VantageScore 3.0 credit scores based on data from Equifax®, Experian® and TransUnion®. Any one bureau VantageScore mentioned is based on Experian data only. Please see the IDSeal Terms and Conditions for more information on credit scores.

5IDSeal Pro-Tec provides tools and resources to protect your data and identity, but no one can prevent all cybercrime or identity theft. Your own efforts are important to prevent unauthorized access to your personal information.

Terms and Conditions | Privacy Policy | Terms of Use | Accessibility Statement | Upgrade