Gerry's Tech Tip of the Month
GERRY HEBERT
Things To Do Before You Scan That QR Code
QR codes are now being used by scammers to download malware onto our devices. This scam even has a name: Quishing. Because it’s impossible to know in advance what websites these codes are connected to, here are several tips from Scambusters.org on how to be safe:
1. Use a secure scanning app instead of your device camera. These check if you're actually heading for the right site before you even go there. But do your research to confirm the app itself has the right security features.
2. Always check the URL of any website in your browser website to be sure you're at the right place. Beware of codes that use address shorteners, which conceal the actual website you're going to until the last moment.
3. Use up to date security software that will likely warn you if you made a dangerous move.
4. If it's a physical QR code, check to see if it's on a sticker that might have been placed on top of a genuine one. This is a common trick at parking sites. If you scan one, not only will your identity be at risk but you also, unknowingly, won't be paying for parking and could get fined!
5. Beware if you're urged to act quickly, provide personal information as a result of a scan, if the code has no accompanying text, or if it appears in a poorly designed text format.
6. Don't be easily taken in by emails and texts that appear to come from a reputable organization, perhaps one you already have a relationship with. In fact, Microsoft is the most commonly used name in email quishing attacks, followed by banks.
7. Use two-factor or multi-factor authentication for signing on whenever possible. Then, even if your info is compromised, crooks still won't be able to access your accounts.
1. Use a secure scanning app instead of your device camera. These check if you're actually heading for the right site before you even go there. But do your research to confirm the app itself has the right security features.
2. Always check the URL of any website in your browser website to be sure you're at the right place. Beware of codes that use address shorteners, which conceal the actual website you're going to until the last moment.
3. Use up to date security software that will likely warn you if you made a dangerous move.
4. If it's a physical QR code, check to see if it's on a sticker that might have been placed on top of a genuine one. This is a common trick at parking sites. If you scan one, not only will your identity be at risk but you also, unknowingly, won't be paying for parking and could get fined!
5. Beware if you're urged to act quickly, provide personal information as a result of a scan, if the code has no accompanying text, or if it appears in a poorly designed text format.
6. Don't be easily taken in by emails and texts that appear to come from a reputable organization, perhaps one you already have a relationship with. In fact, Microsoft is the most commonly used name in email quishing attacks, followed by banks.
7. Use two-factor or multi-factor authentication for signing on whenever possible. Then, even if your info is compromised, crooks still won't be able to access your accounts.