cybercrime – PSafe Blog

Careful With That QR Code! Five Steps For QR Code Safety

PSafe Newsroom — Fri, 11 Mar 2022 18:14:35 +0000

For 20 million people, the temptation proved too hard to resist. For a full minute, a simple QR code ping-ponged back and forth on their television screens during a break in the action at the Super Bowl. Cryptocurrency company Coinbase reportedly paid 14 million dollars for that ad – but clearly, they got their money’s worth: 20 million people were redirected via QR code to their landing page, specially designed for the ad.

Caution Flags

The radical simplicity and irresistible pull of the Coinbase spot was the talk of the post-game ad reviews. But out of the din of this discussion came another message — this one from the Federal Bureau of Investigation (FBI). Inc Magazine’s Jason Aten pointed to a warning they had issued a month prior to the big game – the first lines lay out the situation quite clearly:

The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

QR Codes Are Back, And Bigger Than Ever

Once again, it seems that bad actors have seized on a popular trend to help them do their dirty work. A simple technology dating back to the 90’s, QR Codes are on the rise lately – as they’ve become a very effective digital tool for marketers who want to quickly convert mobile phone readers into shoppers and buyers. The Wikipedia entry on QR codes gives you a quick grasp of just how powerful they can be when scanned on a mobile phone:

QR codes may be used to display text to the user, to open a webpage on the user’s device, to add a Card contact to the user’s device, to open a Uniform Resource Identifier (URI), to connect to a wireless network, or to compose an email or text message.

All you have to do is think about how hackers might use that kind of power, and you can quickly see that indiscriminate scanning of QR codes could lead you into some serious trouble.

Two Primary Sources of QR Code Danger

The first danger with malicious QR codes is the fact that they can transport you seamlessly to a fake website. As with most hacks, the first layer of the transaction seems to be legitimate: the QR code works! The user arrives at a site that has the offer or information they were seeking.

And this is when many users will let their guard down, and fail to notice telltale signs that the site isn’t legitimate. Super-sweetened offers can also play a role in softening up otherwise careful users. The bad website can be a collection point for private information and financial data, and the path to financial losses and ID Theft is paved.

The second danger is QR codes that include malware themselves. Once again, let’s turn to the FBI for — “just the facts”:

Malicious QR codes may also contain embedded malware, allowing a criminal to gain access to the victim’s mobile device and steal the victim’s location as well as personal and financial information. The cybercriminal can leverage the stolen financial information to withdraw funds from victim accounts.

That’s about as bad as it can get. So, short of forsaking the use of all QR codes — how do you defend yourself?

What Can You Do?

Here are the five steps you can take – we discuss each below in more detail:

Get informed about what QR codes are and what they can do.
Make sure your device has good security software.
Use that security software regularly!
Before scanning any QR code, scan “the situation.”
Make sure you land where you expected to!

You’ll be glad to know that you’re well on your way to completing the first step. We hope this article has helped in this regard, and if you want to get even more up-to-date on potential threats to you and your mobile device, we highly recommend these two companion articles:

Six Ways That Cybercriminals Try To Take Over Your Device – QR codes are covered here along with several other traps, like WiFi Honeypots, Fake Apps, and even Subtitles in Streaming Apps. Do give it a careful read – lots to learn here.

Can a QR Code Be Used In A Phishing Attack? – If you’ve followed us so far, you know the answer to this question is YES! But hit the link to get more information on how QR codes can bait the hook for hackers’ big Phishing expeditions.

Security Help

If you’re using dfndr security, make sure you activate the anti-hacking feature to protect you from scams and malware. dfndr security PRO plan also has a dedicated Safe App function to help sniff out apps that contain malware, and also provides complete Identity Theft reports should you suspect trouble.

Eyes Up!

But your awareness is always going to be your first line of defense. Remember that QR codes primary benefit is to help you connect to a specific spot on the web without your having to type in a URL. The “fun” of seeing this work is no doubt a major part of the success of that Coinbase ad.

If you decide you do want to scan a QR code – make sure you can verify it’s from a trusted source, and take a good close look at the surroundings: the copy and design, the context of use. Is the code stuck on a wall outside a club? Or did it come to you via a traceable source like a mass mailing? If you can verify that the code is from a trustworthy source – make sure the landing spot is what you expected it to be.

Just remember what your friends in the FBI told you: a QR code isn’t a game to be taken lightly — or a Pokemon type game where you have to capture and collect. They serve a very specific function, and they’re more powerful than they look. Treat QR codes with the same caution you’d give to any unknown app or web address.

Where Do Most Phishing Attacks Occur and Why?

PSafe Newsroom — Tue, 13 Feb 2018 13:00:09 +0000

One of the main ways hackers can penetrate your network is through a social-engineering, or phishing, attack. A phishing attack compels users to disclose personal information before proceeding to the following page. This page is often disguised as a reputable institution, such as your email provider or bank’s website, thus tricking you into entering personal information on a secure portal.

Plainly, think of phishing as that email that solicits money through a cunning story, like the famous email chain about the prince who needed money to return to the throne. While phishing attacks can occur in almost any part of the world, it’s worth noting the countries and regions where it occurs the most. Unsurprisingly, the biggest hotspots for phishing and cybercrime occur in countries known to be victims of cybercrime, such as the United States and China.

Asia
East Asia has endured an uptick of cybercrime and phishing attacks in the last decade. Countries like Vietnam, China, Russia, India, and Japan all rank high on countries that experience a high number of phishing attacks. The likely reason for the increase is twofold: the standing of these countries in geopolitical terms, and the sophistication of their country’s network. For example, China’s mostly closed Internet has given rise to a black market Internet, which inherently breeds a space for cybercrime. On the other hand, Japan’s relatively open Internet has been plagued in recent years by an uptick in phishing scams as their economy increases in size.

Europe
Germany, France, and the U.K. also experience a high number of cybercrime and phishing attacks. The attacks on the three largest economies of Europe probably happen because of that fact — financial incentive attracts hackers.

The Americas
The U.S. and Brazil can also claim to be high on the list of victims from cybercrimes and phishing attacks. U.S. cybercrimes increased from 18.89% to 23.96% in 2016, making it the country most susceptible to cybercrime. Brazil also saw an uptick, as it moved form the 10th highest victim of cybercrime to the 3rd.

How to Stay Safe
There are many ways you can stay safe from cybercrime and phishing attacks. The easiest way is to make sure you’re browsing safely by using a security and antivirus app. The second way is to look at emails with scepticism, especially if you haven’t done anything different with your online accounts. Also, be aware of your friends or family getting hacked and odd messages coming from them.

Why Investing in Cybersecurity Is a Great Idea

PSafe Newsroom — Mon, 02 Oct 2017 13:00:26 +0000

Many companies think that they won’t be a target of cybercrime, either because they’re too small or they just don’t think it could happen to them. In reality, however, cybercrime is a growing business, and every day hackers are targeting hundreds of thousands of businesses. They can take all of your customers’ private credit card information or even leak your internal emails, besides other devastating information. No matter what the hack consists of, it’s almost always incredibly damaging for a business, the customers, and the employees.

Why Is Cybersecurity Important?
Attacks on a company’s private data are very frequent, and it can be incredibly damaging to a business. These hacks can cost a company not only damage public relations, but it also can be costly because of possible legal fees. In fact, it’s estimated that dealing with these cybersecurity breaches can cost a company anywhere from $10,000 to $100,000 for each hour of remediation costs.

The cybercriminals will often go after and target the lowest level members of your organization. Instead of trying to hack your current software, the hackers will just hack your employee’s account to find the login and password so that they can access your software, which is why it’s important to make sure that employees understand best practices for cybersecurity.

Invest in Cybersecurity
It’s also important because it can keep your computers running quickly. Many viruses that may attack your company’s computers can slow them down and make working much less efficient for your employees. Therefore, spending money on cybersecurity will actually make your computers run better and make your employees more efficient with their time. Another benefit is that having cybersecurity can prevent adware, which is a virus that can spam your computer with advertisements and will also slow it down.

How Much Does Cybersecurity Cost?
Most cyber security companies are relatively affordable. The real cost benefit of having one is that it can save you from having to pay out remediation costs or even from paying a new PR firm after the hack has occurred. If you want to keep your company safe and save money in the long run, then cybersecurity education costs are well worth it. In the long run, you will save your company a lot of money and hassle by hiring a cybersecurity expert or even by hiring a team to help keep your company’s computer virus and hack-free.

Why Are Dangerous Cybercrimes Going Unpunished?

PSafe Newsroom — Tue, 23 Aug 2016 15:25:07 +0000

While some cybercriminals are getting the crackdown, there are many, many more who aren’t facing prosecution. The main reason cybercrime is so hard to penalize is because it so often happens internationally. This means that criminals might be in one country, while their victims are others.

Finding the police jurisdiction for the cybercrime is the major reason why cybercriminals so often walk free. Does this make you wonder what’s so hard about setting up an international police unit that cracks down on cybercrime? Here are just a few of the steps required to crack down on cybercriminals.

1. Create an operation base.

To crack down on a cybercrime ring, law enforcement needs to get as many agencies together as necessary. That means that multiple agencies in many different countries might get involved with the crackdown. With so many agencies coordinating, law enforcement needs to find a single coordination center to create and communicate a plan of action.

2. Exchange information internationally.

Each agency within the joined forces needs to be able to share information with every other agency. That means that they need to create a system that lets them exchange information and create protocols that ensure that each agency receives the same data.

3. Send out the ground forces.

While crimes take place online, criminals live in the real world. In addition to the coordinated headquarters, law enforcement needs to send out police in the countries where the crimes have been taking place. These on-the-ground officers ensure the agencies find more information on the hackers.

4. Find the bad guys.

Once they have a case against the cybercriminals, law enforcement needs to track them down in the real world. Just like with any other criminal, it’s now time for these agencies to knock on — and perhaps knock down — some doors.

As hard as it is to bust crime in the real world, it’s even harder to bust crime in the virtual world. That’s why you need to take measures to keep yourself safe. The best way to keep your information safe from cybercriminals isn’t to wait for the law to catch up. Instead, you need to protect yourself now.

With PSafe Total, you can keep your information safe. The software’s Antivirus feature scans your SD cards and phone files 24-hours a day so you can catch breaches quickly.

Cybercrime: The Most High-Profile Targets

PSafe Newsroom — Mon, 04 Jul 2016 15:40:10 +0000

Hackers have become increasingly more dangerous as cybercrime has continued to grow in scale, and sophistication. The targets of cyberattacks are not just everyday people anymore. Within the last few years alone, cybercrime targets have included Sony Pictures, Target, and even the United States government! Here’s what you should know about each of these large-scale intrusions:

Sony Pictures

In November of 2014, film production studio Sony Pictures was the victim of one of the largest corporate data breaches in history. Hackers obtained access to employee email correspondences, employee salaries, personal employee information, and copies of yet-to-be-released movies. The hackers even demanded that Sony not release The Interview, a controversial comedy film, in which Seth Rogen and James Franco plot to assassinate a North Korean dictator.

The United States

In 2015, a hack of the U.S. government’s computers exposed over 21 million people to potential security breaches. Among the information stolen were Social Security numbers, fingerprints, home addresses, and the financial details of people who had undergone government background checks since 2000.

Target

One of history’s greatest business cyberattacks was carried out on Target during the holiday season in 2013. In this unprecedented breach, hackers injected malware into Target’s online security system, and gained access to all of the credit card scanners in Target’s 1,797 U.S. locations. Whenever customers swiped their cards, the installed malware would record the credit card number, and retain the information on a hijacked Target server. Every single credit card used in a Target store during the 2013 holiday season was subjected to this cybercrime.

This attack was particularly jarring as Target has always prided itself on its state-of-the-art security technology. In the year prior to the attack, Target had partnered with a security software company called FireEye, a company funded by the CIA, and used by intelligence agencies worldwide.

Get Advanced Protection with PSafe

If cybercriminals can hack into the strongest databases out there, ranging from Target to the U.S. government itself, hacking into our smartphones is surely child’s play. Don’t take it for granted that you’ll never be the victim of cybercrime! Download PSafe TOTAL, and keep your smartphone protected. PSafe TOTAL’s antivirus software has the highest score in AV-testing, and is currently rated one of the best antivirus softwares for Android in the world.

With additional features like Applock, and antitheft, DFNDR lets you browse the Internet, share files, and shop online with peace of mind. Your phone contains a lot of vital information, including your credit cards, passwords, and more. Don’t leave yourself vulnerable. Download DFNDR today.