I thought riding a scooter incorrectly would only result in a ‘fine’… “But money gets stolen too?” Shock spreads.

|

Fake QR Codes for Personal Information Theft

Recently, the number of users utilizing mobility services such as electric scooters and shared bicycles has surged, leading to an increase in security threats targeting these services. Particularly, there has been a rise in 'Qshing' incidents, where fake QR codes are used to lure users into installing malicious apps, resulting in the theft of personal information, location data, and even account and payment information.

The security industry has warned that, given the potential scale of these incidents, heightened caution is necessary.

Image 1

Qshing Technique: Replacement and Attachment Methods Spreading

Qshing is a blend of QR code (Quick Response Code) and phishing, representing a new type of scam that masquerades as QR codes to extract personal information.

According to recent reports from AhnLab, criminals have been replacing genuine QR codes installed in public places or attaching fake QR codes to shared scooters and bicycles to deceive users. The problem lies in the fact that QR codes are difficult to verify visually, leaving victims helpless against these scams.

This process not only leads to financial loss but also raises the possibility of safety threats, particularly if user authentication information falls into the hands of hackers, allowing them to remotely control mobility devices.

Preventive Measures and Response Methods

Image 2

Experts emphasize that it is crucial for users to be vigilant and aware of these threats.

AhnLab recommends avoiding scanning unknown QR codes, checking for tampering or attachments on shared device QR codes, verifying the legitimacy of the URL after scanning, refraining from app installations or entering personal information on suspicious links, and keeping security apps and antivirus software up to date.

If you suspect that you have scanned a malicious QR code, it is advised to switch to airplane mode and delete the malicious app using mobile antivirus software, request a freeze on accounts or cards if suspicious activity is detected, and report incidents to the police, the Financial Supervisory Service, or the Korea Internet & Security Agency to prevent further damages.

AhnLab stated, "Behind the convenience of shared mobility lies a critical security threat," adding that "developing the habit of pausing for 3 seconds before scanning a QR code can serve as a minimal safeguard for security."

Image 3

Image source: Unrelated material photo / News1

recent NEWS