The federal government, through the National Information Technology Development Agency (NITDA), has cautioned Nigerians against scanning QR codes as scammers are now exploiting them to defraud users.
A QR code is a machine-readable code made up of a series of black and white squares that is commonly used to store URLs or other data that can be viewed by a smartphone’s camera.
In its most recent advice over the weekend, the agency stated that malicious actors are now utilising QR codes for data theft, money fraud, and phishing schemes.
NITDA explained that, “QR codes, while fast and convenient for quick access to information and actions, have unfortunately become a tool exploited by scammers for fraudulent activities. These activities take various forms and are designed to lure unsuspecting users into scanning them.
“The implications of these codes on users vary depending on the approach taken by the Scammer Impact QR codes can be exploited by malicious actors to deceive unsuspecting users and perpetrate fraudulent activities.”
On ways scammers are using QR codes to carry out their schemes, NITDA said:“Phishing scammers can generate QR codes that point to malicious applications or phishing websites. Users scan these codes thinking they are genuine and end up having their information stolen. Scammers can create QR codes that start illicit transactions or reroute payments to their accounts rather than to the intended recipients.
“Threat actors may embed malicious payloads like malware or data-stealing scripts within QR codes. By exploiting security vulnerabilities in users’ devices, they can steal private documents, financial information, and passwords among other sensitive data. Users’ personal information, including names, addresses, and contact details can be collected using QR codes inserted in fake advertisements or online surveys. This information can then be exploited for identity theft or other targeted frauds.”
On preventive measures, the agency cautioned Nigerians to guard against falling victim to scammers, by being wary of scanning codes from unfamiliar sources or unsolicited messages.
“Always verify the legitimacy of QR codes and associated links before scanning them. Also use reputable QR code scanning apps with built-in security features and update devices with the latest antivirus software and security patches could also help in safeguarding QR code users,” it advised.
