KUALA LUMPUR, Feb 1 — A leading regional cyber security services provider, Quann Malaysia (formerly known as e-Cop Malaysia), has warned of scammers starting to use fake ‘quick response’ (QR) codes to steal data and money from users.
Quann Malaysia, in a statement, said the black-and-white squares were often seen on websites, restaurants, advertisements, rental bikes and retail outlets — to enable users to quickly scan to unlock, or retrieve information related to a business.
“There’s a rising number of cases where criminals have been sticking their own codes over a business’ original one to steal the scanner’s data or access the scanner’s smartphone to tap into their bank account,” its General Manager, Ivan Wen said.
Quann Malaysia said the problem with QR codes is that it is impossible to visually differentiate an original code from a malicious one.
It is important that merchants regularly check to ensure malicious codes are not pasted on their merchandise or posted on their websites, it said.
“Although there is no visible way to differentiate between an authentic QR code and a phony one, there are some precautions you can take,” it added.
Quann Malaysia advised users to observe the collateral for any signs of tampering such as a sticker placed on a printed menu or pamphlet.before scanning a QR code.
“Look out for pixelated images and logo, as well as spelling mistakes to identify fake collaterals,” it said.
Use a secure QR code scanner that can flag malicious websites and show the actual URL before scanning the code, it said, adding that, “Don’t key in any personal information after scanning a QR code.”
Be wary about scanning a code in public places, like transportation depots, bus stops or city centres even if it’s on a printed poster,” it said. — Bernama