QR codes have recently become one of the most common tools for committing crimes among scammers who operate in the virtual space.
Cybercrime is currently on an upward trajectory. The process of scaling up and developing the relevant activity, which is negative both from the point of view of moral and ethical norms and in a strictly legal context, is characterized by a very high degree of intensity. It’s worth noting that in a certain sense, the growth of cybercrime is natural. This statement is based on the fact that the current historical moment is characterized by such a technological feature as digitalization. The corresponding process means transferring most types of activities to a virtual environment. In fact, as of today, cyberspace, characterized by versatility and massive scale, has become a new dimension of objective reality. Crime, among other things, is beginning to be mastered in the mentioned, a kind of advanced dimension of what can be called global world being. At the same time, this does not mean that digitalization is a source of destruction and damage. Also, a kind of pattern of the emergence of cybercrime does not mean that this activity cannot be fought or that it is invincible in principle.
QR codes have become a new tool for criminals in a virtual environment. Using this tool, scammers often lure their victims, who are not even aware of the deception, into traps. For the affected party, these manipulations mean financial losses.
Currently, there is a scaling up of practices such as quishing in the digital fraud environment. In this case, it means such a method of action, which implies that scammers deceive their victims into scanning fake QR codes. The victims then find themselves unwillingly on websites developed by criminals to achieve illegal goals, or in malicious apps designed to steal information classified as confidential.
Greg Hancell, fraud expert at Lynx Tech, said during a conversation with media representatives that QR code fraud differs from other types of cybercrime in that this category of illegal virtual activity is more difficult to identify. In this case, the problem is that humans cannot read QR codes. This means that victims will recognize the destination of the link already at the moment when the financial operation cannot be canceled, and damage is inevitable.
Greg Hancell stated that many people can identify phishing or smishing scams. QR codes are relatively new. For this reason, many people are unable to quickly identify the relevant threat.
According to Greg Hancell, QR codes currently account for more than 20% of all scams committed in the virtual space. In this context, it can be assumed that over time, the mentioned practice of committing crimes will become more understandable and people will train to quickly identify the corresponding threat. At the same time, the probability of this positive scenario being realized is not the maximum, since it is obvious that fraudsters are constantly improving their methods of crimes, both from a psychological point of view and in a technological sense.
Greg Hancell stated that scammers usually replace legitimate QR codes with fraudulent ones. People scan these QR codes and, unknowingly, share confidential information with criminals. According to the mentioned expert, common scenarios in which such fraudulent activities occur are related to everyday activities, such as, for example, ordering at a restaurant or paying for parking. In appropriate cases, scammers place counterfeit QR codes in public spaces. Unsuspecting victims unknowingly visit malicious websites that steal personal data, payment information, and login credentials.
Greg Hancell noted that replacing authentic QR codes with false ones is the most common way that scammers use to gain access to confidential information by deception.
To counteract the mentioned threat, it is important to know the signs of counterfeiting or manipulation of the QR code. Greg Hancell underlined that it is often possible to notice the physical tampering of QR codes. According to the expert, individuals should pay attention to the stickers placed on the original codes, and to codes that appear damaged or partially covered. He noted that the quality of the code could be evidence of fraud. Also, according to him, it is important to use general awareness and take into account the context and visual indicators. He stated that the alarm signal may be a QR code in an unusual location or accompanied by intrusive messages calling for immediate scanning to allegedly avoid a fee.
Greg Hancell said that machine learning and artificial intelligence can help users identify and prevent financial fraud. At the same time, he noted that, despite the mentioned technological capabilities, it is important for consumers to secure their devices when scanning OR codes.
Returning to the issue of artificial intelligence as a tool for performing certain actions, it is worth noting that scammers also have access to AI. For this reason, their algorithms for committing crimes have become more sophisticated. It is worth noting that artificial intelligence, like any other technology that provides consumers with significant opportunities, can be used both within the framework of constructive scenarios and to achieve destructive goals.
Greg Hancell stated that financial institutions, by applying daily adaptive AI models, can identify the latest fraud methods and illegal transactions that are likely to cause money to be stolen from victims’ bank accounts. According to him, in this case, if individuals become victims of criminals using QR codes as a tool for activities, they receive protection from a bank that has access to data that allows them to identify unusual and fraudulent moves.
Against the background of the scaling of the cybercrime area, digital literacy is becoming increasingly relevant. The current historical moment in the ongoing process of the existence of human civilization, many experts, analysts, and scientists call the era of information or information technology. It is worth noting that the corresponding wording has been used for many years, but its relevance remains valid for now and will most likely continue to be the correct definition in the foreseeable future. Within the framework of reasoning, to a certain abstract extent, it can be argued that one information materials can be used to counteract the practical consequences of applying and distributing other information. It is worth noting that this thesis does not apply to cases where objective facts of reality are implied, which are not subject to doubt or any radical rethinking. Constructive information can counter destructive information as a tool for maintaining a positive state of affairs against a tool for implementing a negative scenario. As for digital literacy, in the appropriate context, it actually implies an array of data that allows individuals to quickly identify criminal activity. For example, a query in an Internet search engine, such as how to know if my camera is hacked, will allow anyone to get information about signs of unauthorized access to the device.
Technological tools for countering cybercrime exist. In this case, means are meant that do not imply active user intervention in the process of combating threats. At the same time, digital literacy is also very important in the context of solving relevant tasks. A person who is aware of the signs of fraudulent activity will be able to identify these actions at the initial stage when the prospect of realizing the threat of financial or any other damage is just being formed and has not yet reached the stage of generating practical consequences. It is also worth noting separately that digital literacy is a kind of array of knowledge that needs to be updated periodically. The corresponding need is related to the fact that cybercriminals seek to use advanced technologies, which a priori are an ever-evolving, dynamic category.
It is important for consumers to take proactive measures to protect themselves from QR code fraud. Greg Hancell stated that in this case, it is necessary to verify the source of the code. According to him, it is important to find out if the QR code was from an official website or establishment. After performing this action, as the expert noted, the user should check the URL before visiting another website to make sure that in a particular case, a link to a legitimate and secure Internet platform is used.
Greg Hancell stated that the use of tools such as VirusTotal, for URL scanning, can also help identify potential threats. Separately, the expert noted that in the case when the code leads to a payment gateway, users should cross-check the authenticity of the website by applying a service that verifies domain registration and duration. Greg Hancell underlined the need to avoid websites with newly registered domains, or Internet platforms that seem suspicious. Experts said that personal precautions are vital. At the same time, he separately noted that companies should play an important role in educating their customers and minimizing the risks associated with fraud involving the use of QR codes.
As for the mentioned category of crimes, in this case, there is a high probability that it will scale. The corresponding assumption is because QR payments are becoming more and more popular. For example, the results of industry research indicate that in the United States, 25% of merchants already offer or plan to offer the possibility of making financial transactions of the mentioned category to their customers in the next three years. Among merchants based in the United Kingdom, the corresponding figure was fixed at 28%. This statistical information reflects consumer demand for QR codes in omnichannel shopping experiences.
Also, noteworthy is the data that more than 80% of retailers in the United States are convinced that QR code scanning for product-level information is the key to driving customer loyalty.
Greg Hancell stated that he would urge organizations to reconsider relying solely on QR codes when processing payment transactions due to the high level of risk. According to him, QR codes often lack adequate protection against tampering, making it difficult for businesses to monitor them consistently. He stated that it is very important to offer different payment methods. According to him, using an appropriate approach provides consumers with the opportunity to choose safer alternatives and reduces their vulnerability to fraud. The expert stated that one way businesses can enhance QR code security is by using more advanced, encrypted codes, such as Cronto’s color QR codes, which ensure that only the intended device can read the code. Also, according to him, financial institutions should consider the possibility of implementing such technology to offer their customers more secure and tamper-resistant payment methods, further protecting them from fraud-related threats.
It is worth noting that the practice of using QR codes has several advantages. One of the positive aspects in this case is access to information with one scan. It is worth noting that access is provided to huge amounts of data. At the same time, the practice of one action to obtain information contains obvious security risks, which are nevertheless declined to a certain extent by the use of biometric data.
QR codes are also highly customizable, which is an advantage for businesses. In this case, an ideal match to the branding is provided.
Moreover, in the context of the advantages of QR codes, cost-effective and environmentally friendly should be mentioned. Creating a free QR code does not require expensive printed materials such as brochures, flyers, or physical advertisements. These codes are also a digital alternative in industries such as hospitality and retail.
Moreover, one of the advantages of QR codes is versatility. In this case, it means a wide range of industries where the mentioned functional solution can be used. For example, in the retail area, QR codes are a kind of tool for scanning products to obtain detailed information about their characteristics and even customer reviews. In the real estate market, these codes are used to provide buyers with detailed information about certain properties, floor plans, and even virtual tours. Access to all of the above is provided as part of a simple scanning procedure.
Also, in the list of advantages of QR codes, such characteristics as ease of use and compatibility with modern devices should be noted. Currently, almost all smartphones have built-in scanning functions for the mentioned codes. In this case, a high level of convenience for users is provided, which consists of the absence of the need to download additional apps. Moreover, the QR code scanning process takes only a few seconds. The mentioned ease of use extends to many platforms. In the practical plane, this means that, for example, users can access digital content on smartphones, tablets, smartwatches, and other devices.
For businesses, the fact that customers are already provided with QR code scanning tools means that implementing solutions based on the appropriate technology does not require training or technical support.
Another advantage of a QR code is that it can be used to identify products, which helps companies fight counterfeit goods and protect their reputation.
At the same time, for objective characterization, it is worth noting that QR codes have disadvantages. In this context, it is worth mentioning what can be described as a kind of technological dependence. To scan QR codes, modern devices are needed, for example, smartphones. The vast majority of the inhabitants of the planet Earth have the appropriate devices, but still, a part of the world’s population does not have such products. The corresponding disadvantage is likely to decrease as a significant factor as the prevalence of smartphones is actively scaling up.
Also, the disadvantages of QR codes can be called security problems that were mentioned above. In this case, users should remember as a kind of behavioral instruction the rule that it is not worth scanning codes from unknown or suspicious sources. Ignoring this safety standard can cause significant financial losses.
Separately, outside the context of characteristics divided into categories of advantages and disadvantages, it is also worth noting the importance of QR codes for the fintech industry. In this case, it is worth paying attention to the fact that the mentioned codes can facilitate the process of making mobile payment transactions. It is a fast, secure, and convenient payment method that can increase sales, reduce waiting times in stores and restaurants, and improve customer satisfaction.
A QR code is a type of matrix barcode, or two-dimensional code, originally developed for the automotive industry. This code was invented in 1994 by the Japanese company Denso Wave to label automobile parts.
