Warning: New Hacker Scam Could Get You at NJ Restaurants
As the use of QR codes has grown in recent years so has the potential for scams to use them to gather personal information.
Scanning a QR code takes the user to a website without having to know the URL. But just like clicking on a link or downloading an attachment from an email one has to be careful before scanning the code, according to Krista Valenzuela, bureau chief of Cyber Threat Outreach and Partnerships at the New Jersey Cybersecurity and Communications Integration Cell.
"With QR codes, there's just a new method to send a malicious link," Valenzuela told New Jersey 101.5.
"As more organizations and companies utilize these technologies to send legitimate information to their customers we see cyber threat actors using those same methods."
Valenzuela said her office has not received any reports from the public about fraudulent QR codes but is well aware squishing happens. Filters used for New Jersey state government have caught and blocked emails containing fraudulent QR codes.
Use common sense when deciding what to scan
A good sign of quishing is when using it at a restaurant to scan a menu and you're getting more than a list of specials.
"For sure use common sense. If it's asking you to log into someplace or asking for you for your password for something that's fishy, you definitely should not have to log in somewhere to view and a menu," Valenzuela said.
"If it's asking you for really sensitive information, such as your date of birth, or your address, or phone number and stuff like that, you oftentimes don't need to put that in, especially for something where you're just trying to access information through the QR code."
When scanning QR codes, Valenzuela strongly suggests using the scanning tool that came with your phone instead of downloading a new app.
"But you might end up downloading a malicious one not knowing, and really, your phone should have a built-in scanner anyway. So it's really not necessary to download those third party applications," Valenzuela said.
Be wary if the code you are scanning is on a sticker as it could be a sign of someone placing
The Better Business Bureau offers these tips to avoid QR code scams
- If someone you know sends you a QR code, confirm that it is legitimate before scanning it. Whether you receive a text message from a friend or a message on social media from your workmate, contact that person directly before you scan the QR code to make sure they haven’t been hacked.
- Don’t open links from strangers. If you receive an unsolicited message from a stranger, don’t scan the QR code, even if they promise you exciting gifts or investment opportunities.
- Verify the source. If a QR code appears to come from a reputable source, it’s wise to double check. If the correspondence appears to come from a government agency, call or visit their official website to confirm.
- Be wary of short links. If a URL-shortened link appears when you scan a QR code, understand that you can’t know where the code is directing you. It could be hiding a malicious URL.
- Watch out for advertising materials that have been tampered with. Some scammers attempt to mislead consumers by altering legitimate business ads, such as placing stickers over the QR code. Keep an eye out for signs of tampering.
Farmer's Almanac says snow, rain expected to kick off 2024 in NJ
Gallery Credit: Mike Brant
Season ends soon for NJ camping: Last days to reserve in 2023
Gallery Credit: Mike Brant