How to Not Get Hacked by a QR Code

For every form of communication or messaging out there, you can be sure that scammers and hackers are trying to find a way to take advantage of you-from emails to texts to calls.
Earlier this year, we saw a QR code scam targeted at a major US energy company, for example, and security analysts are warning that these so-called quishing attacks are on the rise.
If we didn't already have enough to worry about, now we need to be on guard against quishing.
The good news is that the security practices you hopefully already have in place should serve you well here too.
By now we should all be familiar with QR codes: a grid of black-and-white squares that act as a sort of hieroglyph that can be translated by the camera on your phone or another device.
Most often, QR codes translate into website URLs, but they can also point to a plain text message, app listings, map addresses, and so on.
This is where the subterfuge can slip in-QR codes can point to fraudulent websites just as easily as genuine ones, and you don't necessarily know which it's going to be before you visit it.
Scanning a QR code will typically bring up a URL that you can then follow, but it's rarely clear at first glance just how safe that website address is.


This Cyber News was published on www.wired.com. Publication date: Sun, 03 Dec 2023 12:13:07 +0000


Cyber News related to How to Not Get Hacked by a QR Code

US SEC's X account hacked to announce fake Bitcoin ETF approval - The X account for the U.S. Securities and Exchange Commission was hacked today to issue a fake announcement on the approval of Bitcoin ETFs on security exchanges. The announcement came this afternoon in a now-deleted tweet from the SEC's hacked X ...
8 months ago Bleepingcomputer.com
SEC confirms X account was hacked in SIM swapping attack - The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. Earlier this month, the SEC's X account was hacked to issue a fake ...
8 months ago Bleepingcomputer.com
Mandiant's X account hacked by crypto Drainer-as-a-Service gang - The threat actor who took over Mandiant's X social media account used it to share links, redirecting the company's over 123,000 followers to a phishing page to steal cryptocurrency. As Mandiant found during a follow-up investigation into the ...
8 months ago Bleepingcomputer.com
Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware - Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. BleepingComputer has learned there is more to this attack, with threat actors ...
6 months ago Bleepingcomputer.com
Ukrainian military says it hacked Russia's federal tax agency - The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, ...
9 months ago Bleepingcomputer.com
How an Indian startup hacked the world - Reuters previously named Appin in a story about Indian cyber mercenaries published last year. This report paints the clearest picture yet of how Appin operated, detailing the world-spanning extent of its business, and international law enforcement's ...
10 months ago Reuters.com
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked - Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. Cisco released patches for most releases of its IOS XE software but ...
10 months ago Bleepingcomputer.com
Apex Legends players worried about RCE flaw after ALGS hacks - Electronic Arts has postponed the North American finals of the ongoing Apex Legends Global Series after hackers compromised players mid-match during the tournament. ALGS is an esports tournament series where players compete in a fast-paced, strategic ...
6 months ago Bleepingcomputer.com
Netgear, Hyundai latest X accounts hacked to push crypto drainers - The official Netgear and Hyundai MEA Twitter/X accounts are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. While Hyundai has already regained access to their account and has cleaned ...
8 months ago Bleepingcomputer.com
Watch out for "I can't believe he is gone" Facebook phishing posts - This phishing attack is ongoing and widely spread on Facebook through friend's hacked accounts, as the threat actors build a massive army of stolen accounts for use in further scams on the social media platform. As the posts come from your friends' ...
8 months ago Bleepingcomputer.com
Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto - The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits targeting consumer products between October 24 and October 27. During the Pwn2Own Toronto 2023 hacking event organized by ...
10 months ago Bleepingcomputer.com
X adds passkeys support for iOS users in the United States - X, formerly Twitter, announced today that iOS users in the United States can now log into their accounts using passkeys. The passkeys will be linked to the iOS device they're generated on and will significantly reduce the risk of breaches by ...
8 months ago Bleepingcomputer.com
Samsung Galaxy S23 hacked two more times at Pwn2Own Toronto - Security researchers hacked the Samsung Galaxy S23 smartphone two more times on the second day of the Pwn2Own 2023 hacking competition in Toronto, Canada. The contestants also demoed zero-day bugs in printers, routers, smart speakers, surveillance ...
10 months ago Bleepingcomputer.com
Web3 security firm CertiK's X account hacked to push crypto drainer - The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. Crypto fraud sleuth ZachXBT later leaked screenshots of ...
9 months ago Bleepingcomputer.com
Hacker spins up 1 million virtual servers to illegally mine crypto - A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. As announced today by Europol, the suspect is believed to be the mastermind behind a ...
8 months ago Bleepingcomputer.com
Pwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice - The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demoing 49 zero-day bugs in multiple electric car systems between January 24 and January 26. Throughout the contest organized by Trend ...
8 months ago Bleepingcomputer.com
The Fake Browser Update Scam Gets a Makeover - One of the oldest malware tricks in the book - hacked websites claiming visitors need to update their Web browser before they can view any content - has roared back to life in the past few months. New research shows the attackers behind one such ...
10 months ago Krebsonsecurity.com
How To Improve Security Capacities of The Internet of Things? - The security of the Internet of Things is one of the main challenges of today. Many IoT assets could get an easy target to cyber attacks and it's highly recommended to somehow cope with these requirements. The best practice is something that would ...
8 months ago Cyberdefensemagazine.com
Breaches by Iran-Affiliated Hackers Spanned Multiple U.S. States, Federal Agencies Say - A small western Pennsylvania water authority was just one of multiple organizations breached in the United States by Iran-affiliated hackers who targeted a specific industrial control device because it is Israeli-made, U.S. and Israeli authorities ...
10 months ago Securityweek.com
The World of Scambaiting, Preventing Social Media Account Takeovers, Network Wrenches Hacked - In Episode 313, hosts Tom and Scott discuss the world of scambaiting, discussing what it is, the tactics used, and its effectiveness in stopping scammers. They talk about popular channels like Scammer Payback and Kitboga that show these scams in ...
8 months ago Securityboulevard.com
CVE-2024-45793 - Confidant is a open source secret management service that provides user-friendly storage and access to secrets. The following endpoints are subject to a cross site scripting vulnerability: GET /v1/credentials, GET /v1/credentials/, GET ...
2 weeks ago
The Case Study: The Exploitation of Business Assets - The role of this case study is to explain how it's feasible to exploit some business assets using the IoT search engines and some hacking tools. In this chapter, we would apply the Censys searching tool for crawling the web in a quite wide context, ...
9 months ago Cyberdefensemagazine.com
Orange County DA's Office hit by computer breach; communications system taken down - The Orange County District Attorney's Office information technology system was hacked over the weekend, prompting the agency to shut down portions of the system while it investigates the extent of the damage, a spokesperson said Monday, Oct. 23. ...
10 months ago Ocregister.com
ID Theft Service Resold Access to USInfoSearch Data - One of the cybercrime underground's more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned. Since at least ...
10 months ago Krebsonsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)