The QR Code could become the new preferred attack vector for cybercriminals. This was underlined by the analysis on the evolution of phishing attacks carried out by Innovery, an Italian multinational in the ICT market specialized in the cybersecurity sector. 2020 was a year of major emergencies for the cybersecurity sector, with a 40% increase in cyber attacks on companies compared to 2019 – according to data from the Cybersecurity & Data Protection Observatory of the Politecnico di Milano – thanks to the spread of remote working .
In this context, the preferred carrier for cyber criminals it was the e-mail, the so-called phishing, which affected about 80% attempts to meddle. In 2021, cybercriminals could favor a new channel, namely the QR Code. Qr codes are spreading widely, especially following the pandemic. According to a recent survey by MobileIron, 86% of respondents scanned a QR code during 2020 and more than half (54%) reported an increase in the use of such codes since the start of the pandemic.
“The increase in the use of mobile devices to carry out many of our daily activities exposes us to new risks, and the lack of awareness of the possible threats that scanning a QR Code can convey, is an increasingly pressing concern “explains Massimo Grandesso, Innovery Cybersecurity Manager.
“QR codes sent via email are able to evade normal antiphishing systems: Qishing, as this technique is called, works exactly like clicking on a link, except that the link is not visible as it is encoded in the QR code, and the same precautions should be used as for links “underlines Grandesso.
Today the QR Codes are used in the most varied contexts: in bars and restaurants for menus, limiting physical contacts, for access to events and public places, for booking medical examinations, to collect prescriptions, for electronic invoicing, to replace paper tickets and last but not least the Green Pass itself, on which even the guarantor of privacy has recently expressed himself urging citizens to be extremely cautious and to avoid publicly exhibiting the Green Pass code.