As cyber security tools are continually enhanced, so cyber criminals are continually looking for new ways to dupe people into falling for scams.
For some years, email links or attachments have been a fairly common feature used by scammers. They ask you to click on something which then either takes you to a screen that wants your login credentials, or loads malware on to your computer.
More recently, software has existed to help protect against such scams – software which filters out mail containing links or attachments and then scans the mail to check it. Only when it is confirmed as safe, is it then released to your mailbox.
To find a way around the protection of mail filtering, criminals have now started to use QR codes instead of links or attachments. A typical example would be an email advising that you need to apply a software update, and supplying a code to scan, to facilitate that.
Scanning the code then takes the user to a login page asking for username and password – and those credentials are then farmed by the scammer.
If you receive any email that you’re not expecting asking you to enter log-in credentials, do not action it. If it appears to come from the supplier of some software that you use, contact that supplier through a known communication channel to check the validity of the message. Alternatively, refer to your IT support provider if you have doubts over any mail received.