How dangerous is QR code fraud?
Recently, in Ho Chi Minh City, the incident of a young man stamping QR codes on many restaurants on Song Hanh Street, Hoc Mon District has attracted public attention. On the night of February 18, a young man riding a motorbike came to the front of a restaurant on Song Hanh Street, observed the surroundings and then posted QR codes on top of the restaurant's QR code. The owner said that many customers reported that when scanning the code, the information displayed was not the restaurant's but the name "Vo Thai Duong". Checking the camera, the restaurant owner discovered that his QR code had been replaced. Worried that this behavior caused confusion, causing customers to transfer money to the wrong account, the restaurant owner warned other businesses. It is known that many restaurants on Song Hanh Street are also facing a similar situation.
Previously, many people in Ho Chi Minh City also reported that their motorbikes and doors had plastic cards worth 30,000, 50,000, and 100,000 VND.
According to the information on the plastic card, people need to scan the QR code, then contact the customer service department to receive the corresponding amount on the card. However, when people scan the QR code and access the link, the phone is hacked, taking control.
Speaking to Lao Dong, Mr. Huan Pham - Regional Director of Cyber Security Company, Technology Solutions ManageEngine - said that fraud via QR code is also known as quishing (a combination of "QR" and "Phimishing"). hackers manipulate QR codes to deceive users into accessing fake websites or downloading malicious content. Because QR codes are often scan without thinking carefully, attackers take advantage of this trust to steal sensitive information such as login information, financial details or business data.
How to prevent being scammed through QR codes
According to ManageEngine experts, scams using QR codes are very diverse from forging QR codes of trustworthy organizations such as government agencies, delivery services or banks to pasting real QR codes on payment devices or restaurant menus.
Other forms that can be mentioned are putting malicious QR codes on printed documents, which can be leaflets, flyers or cards with QR codes to lead victims to malicious websites; dipping QR codes in pop-up advertising models or digital advertisements on attacked websites, luring users to download malicious software...
To deal with this, at the beginning of this year, the State Bank of Vietnam said that it will strengthen the assurance of security, safety and confidentiality of payment and banking activities; direct service providers to actively deploy safe and secure solutions in online payments and bank card payments to protect the legitimate rights and interests of customers.
From an expert's perspective, Mr. Huan Pham said that in order not to become a victim of fraud via QR code, individuals need to comply with some basic principles, including:
Always update the operating system and security features of smartphones to the latest version, enabling multi-factor authentication (MFA).
Use trusted security software for web filtering to block dangerous websites.
In public places such as restaurants, hospitals and shuttle stations, be careful when scanning QR codes because hackers can easily replace them with malicious codes.
Be vigilant and update information about new scams and threats related to QR codes by using threat information publications.
