During the COVID-19 pandemic, people have become accustomed to using their smartphone cameras to scan small black-and-white square barcodes, allowing them to do everything from access restaurant menus to pay bills. Scanning a Quick Response, or QR code, is convenient and easy. It is contactless, which can make people feel safer in public places such as restaurants, many of which substituted the codes for paper menus. Cybersecurity experts say QR codes also created new opportunities for fraudsters, who can tamper with them and direct victims to malicious websites to steal their personal and financial information, Stateline reports. The scammers have slapped stickers with fake QR codes on pay stations. Drivers who scanned them were directed to a website that asked them to enter their credit card or bank account information.
This month, another fake QR code scam targeting drivers popped up in Atlanta. Officials there reported that drivers were finding fake parking tickets with QR codes on their cars, directing them to a phony website. Real parking tickets in Atlanta don’t use QR codes. Sham QR codes have cropped up on billboards, online ads and in phishing emails, which are designed to trick people into divulging personal information. The FBI has issued an alert about cybercriminals tampering with QR codes to steal login and financial information. It said the codes not only can redirect payment using phony links but also can contain embedded malware that lets a criminal gain access to a victim’s mobile device and financial and personal information.