increase font size
Quann Malaysia warns Malaysians that scammers have started using fake ‘quick response’ (QR) codes to steal data and money from users.
Quann’s warning comes at the back of an expected spike in the proliferation of QR Code usage as vendors such as WeChatPay and Alipay introduce eWallets (that involves using the mobile phone for QR code scanning) into Malaysia’s online payment ecosystem to drive retail consumerism.
“There’s a rising number of cases where criminals have been sticking their own codes over a business’ original one to steal the scanner’s data or access the scanner’s smartphone to tap into their bank account.
“The problem with QR codes is that it is impossible to visually differentiate an original code from a malicious code. It is important that merchants regularly check to ensure malicious codes are not pasted on their merchandise or posted on their websites,” said Ivan Wen, General Manager of Quann Malaysia.
He shared that about RM55 million was stolen in China’s Guangdong province - where QR codes are a mobile payment norm. The scam is discovered to be common in restaurants where QR codes were fixed and not regularly changed.
In response, the People’s Bank of China have begun regulating QR code daily spending limits, as well as requiring all payment institutions to obtain a license before they can legally offer QR code payment facilities to their customers.
Scammers can replace the original QR codes on billboards and pamphlets to divert users to malicious websites where users key in their personal information.
The personal information is later used to send phishing emails laden with malware which could infect the victim’s computer systems.
QR codes can also be used to infect smartphones with viruses allowing criminals to steal money from the victim’s mobile wallet or ransomware where data is encrypted for a ransom.
“The impact of mobile malware could be devastating as the hacker can access your private information as well as your phones camera to spy on you. We advise users to be cautious when scanning QR codes.
As more mobile payment platforms look to enter the Malaysian market, it is important that users and merchants both exercise the necessary precautions to ensure both parties do not lose money or data to similar scams,” Wen added.
The black-and-white squares are often seen on websites, restaurants, advertisements, rental bikes and retail outlets to enable users to quickly scan to unlock, or retrieve information related to a business.
Quann Malaysia, formerly known as e-Cop Malaysia, is a leading regional managed cyber security services provider.
