The authority provides instructions on how to read QR codes safely.
According to the Cybersecurity Center, QR codes should be treated with the same caution as unknown web addresses.
The ever-popular QR codes are black and white pixel squares, whose operating principle is largely the same as traditional barcodes. There is nothing special or harmful about QR codes themselves, but unfortunately scammers have figured out how to use them for criminal purposes.
The Finnish Transport and Communications Agency Traficom Cyber Security Center according to QR codes are an easy way to present information in a concise and machine-readable format. The codes are meant to be scanned with a smartphone, and they typically lead to a web page.
In practice, the camera applications of all modern phones know how to read QR codes and offer the link formed by it in an easy-to-click format.
“Ultimately the only way”
According to the Cybersecurity Center, QR codes should be treated with the same caution as unknown web addresses. In its weekly review, it emphasizes that not all codes that come across should be read, and in addition, attention must be paid to where and in what kind of situation the code has been encountered.
– Especially unsolicited electronic codes should not be opened, it points out and specifies that electronic codes should be sent, for example, as email attachments or instant messages.
Both when scanning the code and after opening the link, special attention should be paid to the address of the website, according to the Cybersecurity Center.
– In other words, that the address is familiar and there are no typos or other oddities. Verifying the address is ultimately the only way you can be sure the link is correct, it says.
Fake QR codes on the go
Last week we talked about a Finn From Marchwho scanned the QR code in Rusta. His intention was to become a regular customer of the company, but the genuine code was most obviously pasted with another sticker with a QR code that led to the fake Rusta pages.
The Cyber Security Center also advises to make sure before scanning a code placed in a public place that one code has not been pasted on top of another.
In addition, a QR code had recently ended up in a leaflet distributed in Tampere, which also did not direct where it was supposed to go.
Even the police have come to the attention of cases in which Finns’ online banking credentials and card information have been stolen with the help of QR codes leading to scam websites.