In Ukraine, the activity of fraudsters who have begun to use fake QR codes to steal citizens' banking data has increased. Cyber police warn that attackers are placing fake QR codes in various public places where people often use fast payment technology. These fake codes redirect users to phishing sites that imitate official online services.
After scanning such QR codes, users are taken to fake sites where they can be tricked into entering their confidential data, giving fraudsters access to their bank accounts.
Places where these scams most often occur:
- Parking meters and parking payment machines.
- Public transport and ticket offices.
- Events and festivals that use QR codes for entry.
- Charity events and fundraisers.
To protect yourself from such fraudulent schemes, cyber police recommend following a few simple security rules:
- Scan QR codes only from trusted sources: avoid scanning codes from random flyers or advertisements.
- Check the physical condition of the QR code: if the sticker looks damaged or has a layer of adhesive on it, this may be a sign of fraudulent substitution.
- Check the URL before you go: Most smartphones allow you to preview the URL before opening the site.
- Check the web address carefully: small changes in the domain may indicate a phishing attack.
- Pay attention to the secure connection: the site should start with “https://”, which is a sign of security.
- Do not enter bank details on suspicious sites: only if absolutely necessary.
- Use virtual or temporary cards for online payments to reduce the risk of large financial losses.
If you are a victim of fraud: If you accidentally entered your bank details on a suspicious website, immediately contact your bank to block the card. It is also recommended to file a complaint with the Cyber Police through the official website or contact law enforcement agencies.
