The National Information Technology Development Agency has warned Nigerians to be wary of scanning QR codes as scammers are now using them to defraud users.
According to the Agency’s latest advisory issued on Saturday, QR codes are being utuilised by miscreant as a way of Phishing scams, payment fraud and data stealing. According to NITDA, identity thieves are also using QR codes.
A QR code is a machine readable code consisting of an array of black and white squares, which is commonly used to store URLs or other information for the camera to read on a mobile phone.
While calling on Nigerians to scan QR codes with caution, the Technology Development Agency said “QR codes, while fast and convenient for quick access to information and actions, have unfortunately become a tool exploited by scammers for fraudulent activities. These activities take various forms and are designed to lure unsuspecting users into scanning them.
“The implications of these codes on users vary depending on the approach taken by the Scammer Impact QR codes can be exploited by malicious actors to deceive unsuspecting users and perpetrate fraudulent activities.”
According to NITDA, scammers utilize QR codes in various ways to achieve their heinous activities. It highlighted the various ways by saying that,“Phishing scammers can generate QR codes that point to malicious applications or phishing websites. Users scan these codes thinking they are genuine and end up having their information stolen.
Scammers can create QR codes that start illicit transactions or reroute payments to their accounts rather than to the intended recipients.
“Threat actors may embed malicious payloads like malware or data-stealing scripts within QR codes. By exploiting security vulnerabilities in users’ devices, they can steal private documents, financial information, and passwords among other sensitive data.
“Users’ personal information, including names, addresses, and contact details can be collected using QR codes inserted in fake advertisements or online surveys. This information can then be exploited for identity theft or other targeted frauds.”
