Before you scan that QR code ...

First, what is a QR code?

It's a quick-response code that resembles a picture of random looking black-and-white squares housed within a square. The origin of these codes dates back 27 years, first appearing when Japanese automakers used them to track parts and inventory.

QR codes have gained even more popularity since the pandemic because they can be scanned to create touchless transactions. Common uses include showing QR codes on your smartphone to board an airplane, enter a sporting event or to view menu items at certain restaurants.

These quirky-looking codes, when scanned, can also be used to visit a company’s website, get more information about a product or receive discount coupons for products. It's only natural these codes would be targeted by cybercriminals.

Unfortunately, scanning a dangerous QR code can expose users to malware being installed on their devices if they aren’t careful.

Keep these things in mind before scanning a QR code:

• Never click on QR codes sent by strangers. These can take you to fake websites or worse, install malware on your device. These are essentially phishing interactions.

• Watch for flyers that include malicious QR codes. Criminals have been known to place fake QR codes on flyers so they can entice people to scan them.

• Don’t trust QR codes that are supposedly emailed by a friend. It's possible their account was hacked. Instead visit a website directly, using a legitimate domain name.

• Do not pay bills with a QR code.

• Trust your instincts. Stick with scanning codes on products or websites you know are trustworthy.

These codes can be extremely handy but use a little common sense before scanning them.

• • •

New twist on Amazon scams

A Coeur d’Alene reader warned us about a new scam that involves Amazon. Scammers understand that the odds of most consumers having an online Amazon account are pretty high. The call was a recorded message that said it was from Amazon. The message notified the customer that Amazon had detected a potential fraud on their account.

The detailed message said “someone from the East Coast is trying to charge $800 on your account. Please press 1 to NOT authorize the charge.”

This instruction was specifically designed to get the customer to react because the assumption was that by not pressing 1, the customer would be authorizing the charge. But pressing any button on your phone could expose you to possible malware fraud.

The reader hung up on the recording and instead went directly to her Amazon account to verify the information in the message. The reader said there was no suspicious $800 charge on her account so she knew the message was fake.

She also said the recording sounded professional, did not use poor grammar and the speaker didn’t have an accent, all telltale signs of scam calls in the past.

Bottom line: Scammers are getting more savvy, so if you receive a recorded message informing you of fraud on your account, go directly to your account to verify the information. Do not click on any buttons or links.

• • •

T-Mobile was hacked

T-Mobile confirmed that on Aug. 16, it was hacked and the perpetrator made off with the personal data from 54 million people. The hacker apparently had been scanning T-Mobile’s internet addresses for vulnerabilities using a simple tool available to the general public. Now, more than likely, that breached data is being sold on the dark web.

In an interview with the Wall Street Journal, the hacker disclosed that the wireless company’s weak security system allowed him to access the personal information of more than 50 million current, former or prospective customers. He managed to break through after discovering an unprotected router.

The report says it appears that no financial information was compromised, but data such as Social Security numbers, names, dates of birth, driver’s license info and IMEI (the number linked to the mobile device) and IMSI (International Mobile Subscriber Identity, which is a unique number assigned to the SIM card used by the mobile device) might also have been compromised.

Data breaches are becoming the new norm. Most studies conclude that customers aren’t likely to switch carriers even though they’ve been breached because these threats are abstract unless the customer is personally impacted. The problem is not isolated to T-Mobile because our data being compromised is a problem across multiple industries and multiple companies.

Other things to monitor are your credit card accounts, your credit card reports and changing your passwords. At this point, it isn’t a matter of if you will get hacked, but when.

• • •

Remember: I’m on your side.

• • •

If you've encountered a consumer issue that you have questions about or think our readers should know about, please send me an email at terridickersonadvocate@gmail.com or call me at 208-274-4458. As The CDA Press Consumer Gal, I’m here to help. I’m a copywriter working with businesses on marketing strategy, a columnist, a veterans advocate and a consumer advocate living in Coeur d’Alene.