QR codes have been more prominent recently.
As the pandemic hit, we have seen establishments and services implement contactless payments. Wherein one option for this is scanning a QR code to conveniently make a payment using your smart device.
Aside from that, these small black and white squares can also be used for easily pulling up a website, downloading stuff, and sharing your contact information just like a handy calling card.
Unfortunately, (you guessed it) QR codes can be also used for fraudulent schemes. And in this article, we are going to share not our personal information, but some tips to on how to avoid getting scammed via QR codes.
Tip #1: Verify the source
In these times when misinformation, disinformation, fake content and fake news are swarming over the Internet—especially social media—it’s always best to practice verification more often than not.
If you’ve come across with a post asking you to scan a QR code for a certain promo or something else, check if it’s coming from a reputable source.
For example, financial services and banks on social media usually now have blue checkmark or verified badge attached next to their name or social media handles. That’s one way to tell if a source is legitimate.
However, since this feature comes with a paid subscription for individual and business accounts, just finding the verified badge alone would not be enough.
This leads to our next tip…
Tip #2: NEVER scan QR codes from strangers, unfamiliar sources
For physical places like establishments, your local sari-sari store offering GCash cash-outs, and malls—they definitely don’t have verified badges to show.
In this case, be more skeptical (Tip #3). Look for indicators that a QR code is legit and takes you to the correct platform as expected.
Also check if the QR code is tampered since someone can easily slap on another QR code sticker on top of it.
But like I said, QR codes can do more stuff aside from making a payment.
Another form of phishing is called “quishing” where scammers use malicious QR codes posing as legit ones in an attempt to steal your data. This is done by either installing malware on your device or redirecting you to a fake website asking for your sensitive information.
To avoid this, always make sure that you are only scanning QR codes from your trusty friends, families, and familiar places. (And even from your suking tindahan.)
Of course, not everyone is perfect, and your dearest friend could still send you a malicious QR code. Thus, verification still comes in handy under any circumstance.
Tip #4: Check for secure URLs
In case you decide to scan a QR code, always look for secure URLs or website links that begin with “https://” rather than “http://” (without the ‘s’).
You can also look for the lock icon next to a website’s name on your browser’s address bar. This lock icon and “https://” indicate that a website is secure and will likely protect your information from hackers.
If a website is not secure, the address bar will show a red, unlocked icon and with “http://” only. So, be mindful of these indicators when accessing a website link from QR.
What to do if accidentally scanned a malicious QR code?
First things first, NEVER. EVER. SHARE YOUR PERSONAL INFORMATION (Tip #5). Especially if that certain website is unfamiliar and not secure. Don’t engage any further and close the browser tab immediately.
And secondly, some QR codes may automatically download a file. And if it does, here’s our last tip (#6): NEVER OPEN a downloaded file from malicious QR code.
Delete the downloaded file right away as it could be malicious and may contain malware that hackers could deploy to your device.
Attackers could even copy and take your personal files for ransom—not giving them back ‘till you send them some of your hard-earned cash. Would they even give it back after that?
Perhaps, QR code revolutionized convenience by offering quick access to information and services with just a snap.
Unfortunately, this same convenience has also made it a target for scammers seeking to exploit unsuspecting users. But with ‘lil a bit of countermeasures, we can surely enjoy using QR with peace of mind.
Did we miss any tips? The comment section is welcome for your precious insights!
