Expert warns Brits as ‘too good to be true’ deals could be a result of QR code scam

0
754
Image by OpenClipart-Vectors from Pixabay
  • An expert has urged Brits to protect themselves against QR code phishing this January, as scammers take advantage of post-Christmas bargain hunters
  • QR code phishing sees crooks cover up authentic codes with fakes in emails and texts, which they use to access user’s personal information 
  • Online shoppers will see a rise in attacks this month as scammers offer ‘too good to be true’ discounts during the January sales, the expert warns
  • UK Action Fraud reported over 400 QR code scam cases last year, including fake car park signs that saw motorists tricked into £60 mobile payments 

A tech expert has issued a warning about QR code scams that target online shoppers seeking a deal or discount during the January sales, also known as ‘quishing.’

QR code experts QRFY predict a surge in scams over the next month as cybercriminals replace square barcodes in emails and texts with fraudulent versions that allow them to steal users’ personal information – including their bank details.

And with many Brits feeling the pinch after Christmas, scammers will look to take advantage of bargain-hunting shoppers. This may include sending a fake QR code that offers an ‘exclusive discount’ or asking them to reinput their address to reorganise a ‘failed delivery.’

Phishers may also create fake sites that mimic legitimate ones. To access the site or get a deal – such as those offered for joining a mailing list – users will be asked to enter personal details after scanning a QR code, meaning their data can be sold or used to commit fraud.

Some shoppers may be more vulnerable to these scams than others, the experts say, due to a lack of awareness around this tactic or impulsiveness when buying online.

Speaking on the concerns, a QRFY spokesperson says: “Brits need to be particularly vigilant around emails offering discounts this time of year – especially if they include a QR code or lead you to a form to input information – as many scammers will offer ‘too good to be true’ deals to entice seasonal shoppers to input their personal information.

“Many will also include an urgent prompt to encourage shoppers to make rash decisions and not stop to check the authenticity of these deals, perhaps offering money off ‘one day only’ or stressing that a sale or discount ends soon. The difficulty is that many legitimate brands also utilise these tactics, so it’s key that Brits learn the telltale signs of a ‘quishing’ scam.”

Five ways that shoppers can stay vigilant amid a phishing surge this January are as follows:

1. Check if the QR code has been tampered with 

If featured on a printed leaflet, in a shop window, or on a sign, there are often visible indications that a QR code has been tampered with. A recent example of this type of scam was seen in Newcastle in November, where the City Council reported con artists putting up fake codes in car parks to trick motorists into making £60 parking payments.

If the QR code looks like it’s been interfered with – for example, if it has fraying edges, looks blurry or pixelated, or isn’t aligned properly on the advert, poster, or sign – it’s likely a fraudulent barcode that’s been stuck over the authentic version.

2. Inspect the website URL for spelling errors 

One of the key indications that a phishing scam is being executed is that the URL you’re being directed to is spelt incorrectly. Before each and every time you open the URL, make sure that you recognise the web address and that there aren’t any spelling mistakes or odd formatting choices that may indicate a fake domain.

Often, these codes lead you to a site that can easily be mistaken for your favourite retailer as they’ve copied the logos and images from the original. If you’re unsure whether the site you’re visiting is authentic, always go the ‘long way’ and type in the site directly rather than accessing it via an emailed link or QR code.

3. Be wary of QR codes in emails or messages

Unless you know a brand will email or text you a QR code, it’s always best to exercise caution. You’ll likely receive an influx of promotion-based texts and emails throughout the January period as brands advertise their post-Christmas sales – but you’ll rarely receive a promotion that can only be redeemed by scanning a QR code, as many brands instead opt for a letter-based discount code that’s clearly visible on their site.

Poor grammar throughout the email is an immediate red flag that should arouse suspicion as a nonsensical email address or odd subject line. Be wary of texts or emails requiring you to input personal details via a QR code to ‘rearrange a missed delivery’.

4. Use multi-factor authentication when logging in 

Although it’s easy to get caught up by a discount or deal when shopping online in the New Year, it’s important that you follow security recommendations to prevent phishing. This includes implementing multi-factor authentication when logging into your email accounts.

Multi-factor authentication requires you to provide two or more forms of credentials when logging into a private account to confirm your identity, such as a mobile number, answer to a personal security question, or fingerprint. Following these measures can help secure your accounts against theft if you’ve accidentally lost your personal details to a phishing scam.

5. Avoid downloading a QR code scanner app 

There’s an app for everything these days, but it’s key to be aware of which apps may be malicious and which aren’t. Generally speaking, there’s no need to download a specific QR code scanning app, as most phones have this feature built into their camera apps.

If you are set on downloading one, check – and then check again – that it is from a reputable and trustworthy source otherwise, your sales shopping could be cut short.


Help keep news FREE for our readers

Supporting your local community newspaper/online news outlet is crucial now more than ever. If you believe in independent journalism, then consider making a valuable contribution by making a one-time or monthly donation. We operate in rural areas where providing unbiased news can be challenging. Read More About Supporting The West Wales Chronicle