NITDA warns Nigerians against QR code scams
The National Information Technology Development Agency has issued a cautionary alert to Nigerians, advising them to exercise caution when scanning QR codes due to the surge in fraudulent activities orchestrated by scammers.
In its latest advisory posted on its official X account on Sunday, the agency highlighted the alarming trend of malicious actors exploiting QR codes for various fraudulent schemes, including phishing scams, payment fraud, data theft, and identity theft.
QR codes, commonly recognised as machine-readable codes composed of black and white squares, are typically used for storing URLs or other information accessible by smartphone cameras.
The advisory serves as a reminder for users to remain vigilant and implement necessary precautions before scanning QR codes to mitigate the risk of falling victim to cyber scams.
Part of the advisory noted, “QR codes, while fast and convenient for quick access to information and actions, have unfortunately become a tool exploited by scammers for fraudulent activities. These activities take various forms and are designed to lure unsuspecting users into scanning them.
“The implications of these codes on users vary depending on the approach taken by the Scammer Impact QR codes, which can be exploited by malicious actors to deceive unsuspecting users and perpetrate fraudulent activities.”
NITDA revealed that fraudsters deployed multifaceted methods to perpetrate their illicit activities through QR codes.
“Phishing scammers can generate QR codes that point to malicious applications or phishing websites. Users scan these codes, thinking they are genuine, and end up having their information stolen. Scammers can create QR codes that start illicit transactions or reroute payments to their accounts rather than the intended recipients.
“Threat actors may embed malicious payloads like malware or data-stealing scripts within QR codes. By exploiting security vulnerabilities in users’ devices, they can steal private documents, financial information, and passwords, among other sensitive data.
“Users’ personal information, including names, addresses, and contact details, can be collected using QR codes inserted in fake advertisements or online surveys. This information can then be exploited for identity theft or other targeted frauds,” the advisory stated.
NITDA advised users of QR codes to exercise caution when scanning codes from unfamiliar sources or unsolicited messages.
The agency said it was important to verify the legitimacy of QR codes and associated links before proceeding with scanning.
Furthermore, NITDA recommended the utilisation of reputable QR code scanning apps equipped with built-in security features.
The agency suggested keeping devices updated with the latest antivirus software and security patches to bolster the protection of QR code users against potential cyber threats.
In January, the Cyber Security Experts Association of Nigeria predicted a rise in insider threats for the country in 2024, driven by an increase in the malicious use of artificial intelligence.
To mitigate this escalating threat of cyber hacktivism in 2024, the experts said Nigeria must adopt a multi-faceted approach, which involves investing in advanced security technologies and enhancing the capability of cyber security personnel.