The cybercriminals are taking advantage of the rebirth of QR codes with the pandemic to convert this technology into an “invisible” attack vector, as they have alerted from Chek Point given the increase in their use by companies from all sectors.

Companies have been seen in the need to have to reinvent themselves and adopt technological tools to solve some of the problems raised by the pandemic, as the need to keep physical distance or maintain more scrupulous hygiene.

In this context, QR codes, used in restoration establishments to replace traditional letters, but also show tourist information or facilitate promotions, discounts or institutional procedures, have emerged as the zero contact alternative.

The Director General of Check Point for Spain and Portugal, Mario García, explains that QR codes are two-dimensional rapid response codes that incorporate an embedded URL in an image that, when being scanning it, allows access to a website.

The use of QR code has grown in recent months according to a study carried out by Mobileiron, which collects that 86 percent of mobile users has scanned a QR code in the last year.
However, it also reflects that 34 percent of respondents do not worry about their safety when using these codes.

“In recent months we have seen how it has experienced a new boost in its use, which, together with the sensation of reliability and lack of danger generated in users, as well as their use through ‘smartphone’, make it
Be converting into a new attack vector, “adds the manager.

A practical case carried out by the Carnegie Mellon University (Pennsylvania, United States), highlights the lack of concern regarding personal data protection when using this system.
The researchers placed hundreds of posters with QR codes in different locations, and after a month, 225 people had scanned the posters, which one 85 percent visited the associated website.

“Users should be aware that, in the end, they are clicking on a link that in many cases do not even see, so they could be ‘phishing’ -suplantation of a legitimate source – and redirect a malicious website
. It is important to keep in mind that where there is internet there can be a connected criminal, so you have always to extreme precautions, “says Garcia.

QR codes are used morely through the ‘Smartphone’, so they can serve as an access door to the information that stores the device, such as location data, or start downloading malicious software on the computer (Trojans
Banking, malware, etc.) and even make payments.

In this sense, from Check Point they indicate that the mobile phone is one of the priority objectives of the cybercriminals, since according to the Threat Intelligence Report of the Company, during the first half of 2020 almost 8 percent of cyber attacks in Spain
They were directed against these devices, standing 1.5 percent above average worldwide.

Likewise, since the company warns of the need to increase levels of security and awareness of technologies such as that of QR codes that apparently do not seem to have any risk, but may compromise the confidentiality of our data.
Therefore, it is essential to install security tools that protect the devices.