The National Information Technology Development Agency has issued a cautionary alert urging Nigerians to be wary when scanning QR codes due to a surge in fraudulent activities perpetrated by scammers.
In its recent advisory shared on its official platform on Sunday, the agency emphasized the concerning trend of malicious individuals exploiting QR codes for phishing scams, payment fraud, data theft, and identity theft.
QR codes, recognizable as machine-readable codes comprising black and white squares, are commonly utilized for storing URLs or other accessible information via smartphone cameras.
The advisory serves as a crucial reminder for users to exercise vigilance and implement necessary precautions before scanning QR codes to minimize the risk of falling prey to cyber scams.
Part of the advisory noted, “QR codes, while fast and convenient for quick access to information and actions, have unfortunately become a tool exploited by scammers for fraudulent activities. These activities take various forms and are designed to lure unsuspecting users into scanning them.
“The implications of these codes on users vary depending on the approach taken by the Scammer Impact QR codes, which can be exploited by malicious actors to deceive unsuspecting users and perpetrate fraudulent activities.”
“Phishing scammers can generate QR codes that point to malicious applications or phishing websites. Users scan these codes, thinking they are genuine, and end up having their information stolen. Scammers can create QR codes that start illicit transactions or reroute payments to their accounts rather than the intended recipients.
“Threat actors may embed malicious payloads like malware or data-stealing scripts within QR codes. By exploiting security vulnerabilities in users’ devices, they can steal private documents, financial information, and passwords, among other sensitive data.
“Users’ personal information, including names, addresses, and contact details, can be collected using QR codes inserted in fake advertisements or online surveys. This information can then be exploited for identity theft or other targeted frauds,” the advisory stated.