fbpx
Techitup Middle East
B2B TechnologyCybersecurity

Enjoying White Friday Sales? Beware of Malicious QR Codes

Cisco alerts consumers to rising QR code cyberthreats amid White Friday Sales, company shares several tips for consumers to protect themselves against the impact of malicious QR codes

With an anticipated increase of shopping activity in the UAE during White Friday, Cisco shares an advisory for consumers regarding the prevalence of malicious QR codes, based on insights from Cisco Talos.

Cisco Talos is a trusted global threat intelligence research team comprising world-class researchers, analysts, and engineers with unmatched visibility across the threat landscape, seeing more than 800 billion security events per day.

The Challenge

Whether ordering at a restaurant, purchasing a concert ticket, or even watching a football game, QR codes are everywhere. However, new data from Cisco suggests that consumers should be wary and not trust every QR code by default.

Spammers are always looking for innovative ways to circumnavigate spam filters, and using QR codes has emerged as a valuable technique to accomplish this. QR codes are disproportionately effective at bypassing anti-spam filters, as most filters are not designed to recognize that a QR code is present in an image and decode it. According to data by Cisco Talos, roughly 60% of all emails containing QR codes are spam.

QR Codes – The Lesser-known Threat

Security professionals have long advised consumers to avoid clicking on unfamiliar URLs to prevent phishing or malware exposure. However, many users do not apply the same caution when scanning unknown QR codes, despite the similar risks involved.

This concern is heightened during White Friday, with many sales already underway and more expected through the holiday season. Scammers are increasingly using QR code scams featuring fake package delivery updates, aiming to exploit the online shopping surge. As consumers anticipate numerous packages, they may unknowingly scan malicious QR codes that threaten their security.

Putting Up Defenses

The ideal defense against this type of scam is to avoid scanning any QR codes, however, this can be difficult, so users must exercise caution. Scanning a QR code is essentially the same as clicking on an unknown hyperlink, but without the ability to see the full URL beforehand.

Cisco shares several tips for consumers to protect themselves against the impact of malicious QR codes:

  • Use QR code decoders that are freely available online. Save a screenshot of the QR code, upload this image to the decoder, and it will tell you what data was encoded inside the QR code. This will enable you to inspect the link more closely.
  • Once you know the URL, navigate to it using an anti-virus defender application like Cisco Secure Malware Analytics (Threat Grid). This will allow you to view the content behind the URL from a safe place, without jeopardizing the security of your computer or mobile device.
  • Never enter your username and password into an unknown site. It is better to navigate directly to the site you wish to log in using its official web address, rather than clicking on a URL presented by an unknown third party.

Related posts

Infoblox Unveils Universal DDI Product Suite

Editor

VAST Data and Supermicro Collaborate to Simplify and Accelerate AI Pipelines 

Editor

Lenovo TruScale Backup with Veeam, Announced

Editor

Leave a Comment