A user scanning a QR code – UNSPLASH
MADRID, July 15. (Portaltic/EP) –
The Civil Guard of Seville a few days ago spotted a new type of deception that has been called ‘Reverse QR, a fraudulent technique by which scammers steal money using this code by making their victims believe that they are actually charging a certain amount.
The armed institute of the Seville city announced through its Twitter account that it had arrested a scammer in the city of Mariena del Aljarafe who had applied this methodology.
It is a type of scam that is carried out “with social engineering techniques” and “intends to steal the personal and banking data of the victims,” according to the Civil Guard in this publication.
To learn how this deception works, it is worth remembering that a QR is an optical label with a unique code that contains information and has a square format, since it is represented by different modules in this way.
This code is used to, among other things, access certain places, such as a concert hall or a cinema, as WiFi authentication method or to make payments.
Due to the amount of information it can contain, the various functions it offers and its massive implementation in different establishments and services, cybercriminals have found the perfect method to carry out their fraudulent attacks.
In this way, they have used these QR codes for their benefit and have carried out the technique known as ‘Reverse QR’, a social engineering technique which has resulted in a robbery valued at 878.50 euros in total.
The crime of fraud for which the alarms have been raised took place in an establishment in the Seville province, where the alleged perpetrator of the events used this modality to deceive the staff of a restaurant by paying for their drink.
To do this, the scammer showed the victim a QR code that presumably belonged to his bank, although it turned out to be a spoofed code who, instead of paying, requested money.
In this way, although the waiter of this establishment thought that the author of the facts was paying for what he had taken, in reality he was paying for the drink himself.
In addition to obtaining data and personal information of the victim, it has been known that with the ‘reverse QR’ it also manages to obtain the bank details of the complainant.
In this way, you can know your password to open the bank application on the mobile device and make several transfers in your favor, through the Bizum payment platform, a means by which he would have managed to receive almost 900 euros.
TIPS TO AVOID FRAUD
To avoid these scams, citizens have to take a series of security measures, such as carefully reviewing those physical QRs that may have been manipulated or superimposed on the original codes.
It is also important to analyze the URL to which this code points and determine if it is a suspected fake link. There are different Applications that offer a preview of the content of the URL, to know what it presents before opening it, such as Link Preview Generate or URLVoid.
In addition, you should make sure that the website you want to access always complies with the protection and safe browsing standards, such as the popular ‘HTTPS’.
On the other hand, you can use other applications that perform security checks before activating the QR code on devices with Android or iOS operating system.