The latest consumer alert posted by the federal trade commission (FTC) signals that the upticks in QR code-based scams are being seen by cybersecurity vendors are indeed a valid growing problem.
You won’t need to go very far before you find a QR code. Restaurants commonly use QR codes to point you to a menu, parking lots use them to point you to a website to pay for parking, and according to the FTC, scammers use them to engage you in scams.
In their latest Consumer Alert, the FTC warns consumers about QR codes being misused by scammers to steal personal information or credit card details. In some cases these codes are seen in public, but are most often sent within emails or text messages.
We’ve recently covered both opinions from industry leaders and quantitative data showing that QR code scams are on the rise. The FTC alert merely serves as the larger confirmation that this is a real problem. They specifically recommend that anyone utilizing a QR code (even in situations when it appears legitimate) that the URLs being pointed to are not spoofed, have misspellings, etc.
While the idea of an employee within an organization thinking nothing suspicious about an email with a QR code in it seems ludicrous, I’ve seen far more blatantly outlandish scams that were fallen for. It’s the very reason why new-school security awareness training is so critical; all it takes is one phish/vish/quish and an organization becomes compromised.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Here's how it works:
