Pay attention to the technique to paste another code on the QR code of the street corner and to skip to another site
QR codes may be used for guidance to the official website on posters attached to stations' premises or commercial facilities, but paste malicious different QR codes on this QR code A malicious method of guiding the person who reads the code to the phishing site is spreading and experts are calling attention.
That square QR barcode on the poster? Check it's not a sticker • The Register
Malicious QR codes pop up on traffic-heavy locations
According to Warren Sealey of Symantec, a method such as attaching a QR code that sponsored a link to a malicious site to spam has been used for some time, but recently, in addition to this, the existing QR code There are an increasing number of methods to paste illegal QR code on.
Although there is a merit that QR code does not need to bother to input the URL, you can access the website simply by holding the camera of the mobile phone with the reading application and read the stored information, but it is confronted with it It is a shape.
As a method, on the QR code which is put in a place where there are many traffic, on the QR code it is printed and pasted an invalid QR code linked to a phishing site etc., as if it were an ordinary QR code It is to try to make passers read a face and read it.
In Western European tourist destinations, we provide information on churches and historic buildings with QR code, but this is replaced by malicious code.
Sian John, who is in charge of security strategy in Symantec / UK, pointed out that the number of QR codes exploded in the last couple of years and that cyber criminals are making full use of their advantages. It says that people can be easily sent to phishing sites and malware sites because QR codes can not be distinguished from genuine or fake by looking alone.
To respond to this, the QR code reader warns you to use what you can check at the time of reading that the linked site is not dangerous. Those who use the QR code for promotional purposes seem to prefer that the link destination is not an abbreviated URL, but to be understood at a glance as an official site.
in Note, Posted by logc_nt