The phishing artists have now adopted a new method of faking QR codes to redirect users to their intended website and scam them off their money.
India has taken many steps faster than a lot of developed countries in terms of digital payments. Digitalization has enabled single-click transactions nationwide, from basic transactions at a tea stall to major financial payments. The growing adoption of digital offline payments has also captured the attention of scammers. QR codes are the latest tool phishing scam artists use to conduct their fraudulent transactions.
The phishing landing pages are tough to differentiate from original website pages, which makes the scam even more efficient. Layman users get easily trapped in these scams as the QR code does not mention where it will take them. As QR codes are themselves treated as unique and unhackable instruments to make transactions, they are now the hottest growing trend for scammers.
How Does This Attack Happen?
Most of these scams are conducted through Emails and lead to an authentic-looking website(use an SPF checker to prevent these email scams). These QR codes have links that can bypass multiple security shields, especially when the mail lands in the primary inbox instead of the spam folder. The redirection process is negligibly visible to general users, and they do not get suspicious. Once the user visits the link, a lot of information is already traced by the scammer including the IP address, location if enabled in the browser, and much more.
Along with this, the autofill function fills most of the personal information that can be sold in the black market for huge profits. If that doesn’t suffice, users who trust the website and make the transaction end up sending the decided amount of money to them and giving them access to make transactions that empty the entire bank account.
How Can You Stay Away From These Scams?
The first identification signs of these scam emails are easy to remember, so do read carefully.
- Any Email containing a QR code is a clear red flag.
- These Emails contain suspicious content like bonus money or lucky draw.
- Contrary to this, fear mongering is also quite popular among these scammers. This includes messages like Your Credit Card Is Expiring, Your Account Will Be Frozen Tomorrow, and more on similar lines.
- Such Emails also offer quicker solutions than the genuine route, which, even though they seem quite attractive, are a clear sign of a potential scam.
Upgrading yourself with evolving technology also requires due caution in the early stage of adoption. Kindly check all the unknown Emails, messages, or links before making any transaction or entering personal information.
