When using QR is quite risky

PETALING JAYA: The quick response (QR) code has been a popular payment method, including when transferring money to charity.

But beware, it can be easily misused by unscrupulous groups.

One restaurant owner, who allowed donation boxes on his counter, fell victim to such a scam last year.

Omar Johan, 53, said that when the charity organisation came to pick up the donation box, they were shocked to find that the original QR code had been covered by another sticker, with a different code.

All the donated money had gone into someone else’s individual account.

“I did not realise it until they pointed out that the sticker had been covered over. We then checked the CCTV footage and saw a person pasting the sticker on the donation box.”

A police report was lodged by the charity organisation.

“I felt guilty about not being more vigilant but the charity organisation did not hold any grudges.

“Owners have to regularly check and update existing QR codes on our premises,” he added.

On Thursday, Bukit Aman Commercial Crime Investigation Department (CCID) acting director Datuk Rohaimi Md Isa said online purchase fraud cases had soared by 36.9% from Jan 1 to March 24, compared with the same period last year. There were 2,328 cases recorded, resulting in losses exceeding RM19mil.

Public WiFi can also be abused by these thieves.

Josh Lim, who often uses QR code to pay, has been experiencing an increased number of unknown calls after transferring money using public WiFi.

The 45-year-old said he was paying for his meal at a cafe when the worker said his Internet connection was unstable indoors.

Josh then used the cafe’s WiFi to make payment.

“It seemed pretty harmless when I registered on the public WiFi but then I started receiving calls from unknown numbers, most of them scams calls.

“I wonder if hackers had gained access to my number,” he added.

T. Jeremiah, 28, is also wary of public WiFi and uses his personal Internet data when doing online banking transactions, and uses Internet roaming services when travelling overseas.

“I believe that public WiFi exposes your device to security risks as the provider might gain access to your credentials in some way,” he said.

For QR payments, Jeremiah said he will only scan codes from credible sources such as with Touch ‘n Go eWallet or DuitNow Transfers.

“I will also make sure the recipient’s name is stated on the app after scanning before I proceed to payments. I read on social media that criminals can stick their own QR codes at public QR payments.

“I am even more careful when scanning a QR code at event registrations, as sometimes the organisers use an open source/third party website to collect data. It could expose my device to any malware,” he said.

Related stories:
Follow us on our official WhatsApp channel for breaking news alerts and key updates!
online fraud , public WiFi , QR codes

Next In Nation
MCA should contest more seats with large Chinese electorate in GE16, says youth wing
MMEA rescues 15 crewmen from cargo ship after major leak
Man feared drowned after slipping off Chukai jetty during high tide phenomenon
'I did not know he was re-marrying,' says ex-wife of man who died in ravine crash
Five-year-old drowns in Lenggeng clubhouse swimming pool
Ex-Goldman banker Roger Ng loses bid to overturn 1MDB conviction
First in Southeast Asia: Malaysia launches International Cycling Union satellite centre in Johor
Cops investigating death threats made against lawyer in Melaka shooting case
E-invoice exemption threshold up to RM1mil starting 2026, says PM
Man found dead in car in Setapak

Trending in News

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.