Be careful when scanning

Scams using QR codes are becoming increasingly sophisticated

Be careful when using ubiquitous QR codes.(Bild: Christof Birbaumer)

QR codes are everywhere! Now the popular squares can become an even more dangerous weapon for criminals on the Internet than before. A "new generation" often remains undetected by various defense programs.

Whether paying a bill, accessing information in public places or checking in at the airport - QR codes have become indispensable in Tyrol since the coronavirus pandemic. They are practical, fast and, above all, uncomplicated.

But their popularity also makes them more than attractive to brazen fraudsters. Phishing attacks using QR codes, now also known as quishing, are on the rise and pose a significant threat to users and companies alike.

False web addresses lead to unrecognized traps
Hackers use the seemingly harmless squares to trick people into visiting malicious websites or downloading a malicious program.

Experts from Barracuda Networks, one of the world's leading IT security companies based in Innsbruck, have now also identified a "new generation" of fraudulent QR codes that aim to circumvent conventional security measures. "Text-based codes and specially crafted website addresses are used to remain undetected," emphasizes Ashitosh Deshnur, cyber threat analyst at Barracuda.

QR codes consisting of Unicode blocks look like conventional QR codes in an email. However, a recognition system based on image scans cannot identify them as such. "This means that corresponding security tools based only on image scans cannot recognize whether a malicious link is embedded in them." So be careful when scanning!