Cybercriminals reinvent themselves during the pandemic through QR codes

A man scans a QR code to enter a park in Melbourne, Australia.JAMES ROSS / EFE

Among the technologies that have seen a greater boom during the pandemic is that of QR codes.

The search for alternatives to paper documents to reduce the risk of contagion of covid-19 has triggered the use of this tool, which allows you to read the menu of a restaurant or a cultural program from your mobile without having to pass it by hand. hand.

However, the success of these codes has also caught the attention of cybercriminals.

The authorities have detected in recent months an increase in fraud and data theft attempts in this way and warn of its use as bait to access devices and obtain user information.

More information

• The unexpected resurgence of QR codes: from oblivion to being essential

• The paradox of cyberattacks: how hackers take advantage of advances to protect security

Commander Alberto Redondo, head of the Technological Crimes Group of the Technical Unit of the Judicial Police of the Civil Guard, explains that there may be several assumptions: '' That criminals paste a malicious QR code on top of a real one in museums, restaurants, advertisements , etc., or to be placed in public places, independently and with any excuse, such as a raffle. ''

In the first scenario, it is enough for criminals to place a sticker with the fraudulent code over the real code and that makes it more difficult to detect the cheat;

in the second, by not impersonating the real company, but by placing an advertisement on the street, the user is more likely to doubt the authenticity of the code.

The main problem with this type of fraud is that, when scanning the code with the mobile, "the user does not see what the URL or web address he is accessing", but enters it before he is able to realize it. As the commander explains, the most important thing to avoid falling into a mess is to have common sense: "If you go to a restaurant and you are going to read the menu, it makes no sense that [when scanning the QR] they ask you for personal information." '. The user should be suspicious when the link takes him to a download site, when the file that is downloaded to his phone is not a PDF or a Word document (as restaurant menus tend to be) and, above all, when it leads to executable files on the phone.

The most characteristic of crimes through QR codes is that it is the user himself who takes the initiative in the interaction. When scanning it, it is he who goes to the trap, without the criminal having to actively give him the hook. This differentiates it from

or

, where cybercriminals send the victim a fraudulent link via SMS or email respectively. Precisely

It has also multiplied during the pandemic, largely due to teleworking: the attacker can impersonate an entity and include attachments or links containing the virus through an email that appears to be related to the victim's work. In the case of QRs, the virus could infect the phone by executing files through the link or through an application (if the user has agreed to download it).

For this reason, once the code has been scanned, if "you are asked to download an application, you have to be very careful when it leads to unofficial markets", that is, to others other than the

or

as Redondo alerts. . The commander insists: "If you download the application, under no circumstances should you give permission to pay online or send to contacts." If the user is still suspicious, they should go to the nearest Civil Guard barracks.

Spain was the third country most threatened by cybercriminals in 2020, according to the Ironhack school of technology. And, in addition, cybercrime is the second most common type of crime, behind theft, according to the latest report from the Ministry of the Interior. Although the Group of Technological Crimes has confirmed the increase in cases of fraudulent QR, it was the National Police of Malaga that, at the beginning of September, alerted through its social networks of this new form of scam. Precisely through the networks, many of the cases are detected, when users comment on the problem, although many do not report it. That is why there are hidden figures and it is difficult to obtain concrete data.

You can follow EL PAÍS TECNOLOGÍA on