The FBI warns of malicious QR codes used to steal money

The FBI warns of malicious QR codes used to steal money

Short News:-

Cybercriminals are using maliciously crafted Quick Response (QR) codes to steal credentials and financial info. The FBI issued a public service announcement (PSA) on QR code risks this week. It advised Americans to pay attention to the URL they're sent after scanning QR codes.

Detailed News:-

As the Federal Bureau of Investigation (FBI) warned Americans this week, hackers are stealing their login credentials and financial information by using malicious Quick Response (QR) codes.

The Bureau's Internet Crime Complaint Center (IC3) published a public service announcement (PSA) earlier this week warning of the dangers of online fraud.

In order to steal login and financial information, cybercriminals are tampering with QR codes, according to the federal law enforcement agency.

When businesses use QR codes for payment, the FBI says criminals are altering them so that they redirect potential victims into malicious websites, install malware, or divert payments to accounts controlled by the criminals.

Attackers' phishing sites prompt victims to enter their login and financial information after they scan what appears to be legitimate codes. It is then sent to the cybercriminals, who can then use it to steal money from bank accounts that have been hacked.

If you're entering financial information or making a payment through a QR code-enabled site, the FBI advises you to exercise caution. We cannot guarantee that funds lost in a transfer will be recovered.

If you scan QR codes, pay attention to what you see.

Americans have been advised by the FBI to pay attention to the URL they are sent after scanning QR codes, to always be cautious when entering their data after scanning a QR code, and to ensure that physical QR codes haven't been covered with malicious codes.

Installing apps via QR codes is also a no-no. Instead, use the built-in QR code scanner that comes with your phone's operating system.

Last but not least, instead of scanning a QR code that could direct you to a malicious site, enter URLs by hand when making payments.

Earlier this month, the FBI released a new PSA highlighting the dangers of QR codes and cryptocurrency ATMs, which criminals are increasingly using to thwart victims' efforts to recover their losses.

Threat actors are using QR codes instead of buttons in spam emails to hide their attacks from security software and redirect victims to phishing sites, as demonstrated by a recent German e-banking phishing campaign.

PIN codes, bank codes, user names, and location information were requested from victims who were successfully redirected to the phishing landing pages.