Cyberattack Derails TfL: The Urgent Need...
Earlier this week a cyberattack on Transport for London (TfL) left its Oyster card and payment systems compromised, causing widespread...
Read MoreQuick Response (QR) codes were invented by the Japanese company Denso Wave in 1994 to track automobile parts, offering greater data storage and faster scanning than traditional barcodes. Their versatility led to widespread use in tracking, inventory management, and later, consumer applications like mobile payments and digital menus. However, as their popularity grew, QR codes also became a target for cybercriminals, who use them for phishing, data theft, and malware distribution. This form of cybercrime is known as “quishing,” where scammers use a QR code to carry out a phishing attack aimed at stealing user credentials. As QR code usage continues to rise, particularly for contactless transactions, the need for vigilance and robust security practices is paramount.
QR code scams are a form of cybercrime that exploit the convenience and widespread use of QR codes to deceive individuals and organisations into divulging personal and financial information. These scams typically involve replacing legitimate QR codes with counterfeit ones in public locations such as parking meters, restaurants, and package delivery notifications. Scanning these fake codes redirects victims to malicious websites designed to harvest sensitive data or trick them into making fraudulent payments. The prevalence of these scams has increased significantly due to the growing use of QR codes in recent years.
QR code scams exploit the growing use of QR codes, leading to unauthorised transactions and identity theft. QR code scams exploit both physical and digital mediums to deceive victims. Key scenarios include:
As QR code usage continues to grow, both individuals and organisations must remain vigilant and informed about the risks and protective measures associated with QR codes. The rise in QR code scams has led legal and regulatory bodies to issue warnings and recommendations. A key concern is the lack of consumer consent for data collection, which often conflicts with global privacy laws requiring explicit consent when a QR code is scanned. Regulatory bodies urge businesses to comply with these laws by obtaining prior consent and clearly outlining data collection policies.
Organisations should implement robust security measures, such as unified endpoint solutions, to secure devices and ensure QR codes are legitimate. This includes avoiding URLs that differ from official company URLs and using mobile threat defense.
Awareness and caution can help prevent falling victim to these scams. To stay safe, we recommend individuals follow our handy hints below:
If you require advice or support on data protection and information governance, or fraud prevention, please do not hesitate to get in touch. Our team is here to help you navigate these complex regulations and ensure your resilience compliance.
Please contact us on 020 7101 4861 if you think we can help.
Image accreditation: Proxyclick (May 2019) on Unsplash.com. Last accessed on 12th August 2024. Available at: https://unsplash.com/photos/black-pos-machine-EPeK7w5Eeic
Earlier this week a cyberattack on Transport for London (TfL) left its Oyster card and payment systems compromised, causing widespread...
Read MoreThe United Kingdom has Europe's highest fraud call rate at 9.3%, with people frequently targeted by scammers posing as loved...
Read MoreWith the growing impact of AI across industries, robust governance has become essential. ISO/IEC 42001 is a newly established global...
Read More