Mysterious Packages with QR Codes
The Federal Bureau of Investigation (FBI) has issued a public advisory concerning the potential risk associated with receiving packages bearing QR codes, devoid of any sender information. The FBI’s alert emphasizes that these packages are employed by criminals to perpetrate “financial fraud activities” through the utilization of QR codes.
The QR code, a barcode containing a URL that can be easily opened by a mobile device’s browser, may trick users into divulging their personal or financial data, or even induce them to download malicious software that pilfers data from their devices. In such instances, the absence of sender information serves as an incentive for victims to scan the QR code.
It is essential to note that while this particular scam may not be as prevalent as other fraud schemes, the public should remain vigilant regarding this criminal activity. Scanning a random QR code is generally ill-advised, given that it inadvertently navigates your device to an unknown website.
Last year, Swiss cyber authorities issued similar warnings concerning letters purporting to originate from a federal meteorology office, containing a QR code for downloading a weather app. In reality, the QR code functioned as a ruse to disseminate malware.
Subsequently, both the Federal Trade Commission (FTC) and the United States Postal Inspection Service have cautioned the public about scammers employing QR codes on packages sent without solicitation. In these instances, recipients are coaxed into scanning the QR code under the pretext of registering the package or gleaning information about the sender. Should a user scan the code, they are redirected to a counterfeit website where personal or financial data may be requested.
The scam also encompasses an illicit practice known as “brushing,” whereby unscrupulous vendors fabricate positive product reviews. To accomplish this, a vendor identifies a consumer’s mailing address and places an order in their name, resulting in the delivery of an unexpected package. The intention is to create the impression that the recipient is a legitimate buyer who has penned favorable online reviews for the merchandise. These fabricated reviews serve to artificially inflate the product’s ratings and sales figures, which the perpetrators hope will boost actual sales in the long term. Since the merchandise is typically low-cost and affordable to ship, the scammers perceive this as a profitable endeavor.
The FBI encourages the public to remain cautious when receiving packages bearing QR codes and to exercise due diligence before engaging with any unfamiliar websites or providing sensitive information. By adhering to these precautions, individuals can protect themselves from becoming victims of such scams.
