Freedom, Business, Controversy and Fitness

QR Code Viruses…. Is nothing safe!! Symantec & McAfee to the rescue!

I could have sworn I wrote this article!

What is a QR code?

This is my personal QR code – Yes, I am a nerd and I have a personal QR code. Go Ahead scan it with your smartphone, but before you do… on!

Quick Response (QR) codes QR codes have sprung up everywhere in the last couple of years. They are a way for people to convert a barcode into a Web site link using a camera app on their smartphone. It’s fast, convenient and dangerous. Spammers are already using it to promote black-market pharmaceuticals and malware authors have used it to install a trojan on Android phones. In combination with link shortening, it can be very hard for users to tell in advance if a given QR code is safe or not, so consider a QR reader that can check a Web site’s reputation before visiting it.

Once the bait has been taken the victim must be reeled in. The next step in these attacks fools the user into taking an action to propagate the threat, for example installing an app, downloading ‘update’ to your video software or clicking on a button to prove you’re human. The attackers persuade their victims to infect themselves and spread the bait to everyone in their social circles.

It must be stated that this is not just a Facebook issue; variations of these threats run on all social media platforms. The number of threats on each of these platforms is directly proportional to the number of users on these sites. It is not indication of the “security” or safety of a site.

QR Codes Could Deliver Malware

Friday, March 16, 2012 at 5:46am by Robert Siciliano

You’ve seen barcodes all your life. So you know what they look like: rectangles “boxes” comprised of a series of vertical lines. When a cashier scans a barcode, you hear a familiar beep and you are charged for that item.

A QR code looks different and offers more functionality. QR stands for “quick response.” Smartphones can download QR readers that use the phone’s built-in camera to read these codes. When the QR code reader application is open and the camera detects a QR code, the application beeps and asks you what you want to do next.

Today we see QR codes appearing in magazine advertisements and articles, on signs and billboards; anywhere a mobile marketer wants to allow information to be captured, whether in print or in public spaces, and facilitate digital interaction. Pretty much anyone can create a QR codes.

Unfortunately, that’s where the cybercriminals come in. While QR codes make it easy to connect with legitimate online properties, they also make it easy for hackers to distribute malware.

QR code infections are relatively new. A QR scam works because, as witha shortened URL, the link destination is obscured by the link itself. Once scanned, a QR code may link to an malicious website or download an unwanted application or mobile virus.

Here’s some ways to protect yourself from falling victim to malicious QR codes:

Be suspicious of QR codes that offer no context explaining them. Malicious codes often appear with little or no text.

If you arrive on a website via a QR code, never provide your personal or log in information since it could be a phishing attempt.

Use a QR reader that offers you a preview of the URL that you have scanned so that you can see if it looks suspicious before you go there.

Use complete mobile device security software, like McAfee® Mobile Security, which includes anti-virus, anti-theft and web and app protection and can warn you of dangerous websites embedded in QR codes.

Both McAfee & Symantec released safe QR Code scanners for IPhone and Android. Pay Attention: If you see Guerilla Marketing stickers or a QR Code sticker definitely don’t scan it! You can try and scan it with their tools, but the safest way is to not scan it!


2 responses

  1. jack

    Tim Armstrong, a malware researcher at Kaspersky, says premium rate numbers operate similar to 900 numbers in the U.S. The four- to five-digit numbers charge for each incoming text, wringing cash out of unsuspecting users. Armstrong says that it’s much more difficult to set up such numbers in the U.S., but cyberthieves will soon be able to create global premium rate numbers that could theoretically attack American consumers the same way. Infected QR codes could also be used for phishing scams, Armstrong says.

    December 11, 2012 at 2:29 PM

    • Jack,
      Thank you for the informative comment! Keep them coming!

      December 20, 2012 at 12:00 PM

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s