Costa Rican banks advise caution when using QR codes

QCOSTARICA – In the technological era, in which we are immersed, we have more and more resources to streamline certain processes in banks, stores and businesses of all kinds; QR codes are one of those tools that have become popular, but the Asociación Bancaria Costarricense (ABC) – Banking Association of Costa Rica – asks that they be used with caution and responsibility.

By scanning the QR code through a smartphone, users can simply transfer money from one source to another. Shutterstock

In Costa Rica, some financial entities use them only for information purposes and in others as a means of payment, but always applying all the necessary security measures to protect customer information.

When scanning a QR code, it takes the person to a web page, where they can see some information, for example, the menu in restaurants or details about a certain product or service. However, their use implies taking the necessary precautions not to be scammed, since criminal groups also use them.

– Advertising –

“Just as we can easily download this information, cybercriminals also use QR codes to trick people into downloading malicious content and stealing information from their devices or taking them to fake pages to steal usernames and passwords, then access their accounts and steal the money”. said Raúl Rivera, cybersecurity adviser for ABC.

Types of attacks on QR codes

  • QRishing: They take the person to a fake web page where they capture confidential information: usernames, passwords and security codes.
  • Downloading malicious code: They redirect to a web page that downloads malicious code to the device that can infect it with a virus: Trojan, spyware, botnet or cryptomining.
  • QRLjacking: Once the person accesses a website or social network, it hijacks the session by tricking them into entering through the use of a QR code, similar to what WhatsApp uses to access WhatsApp Web.

Recommendations for safe use of QR codes


  • Use a secure QR code reader. The camera of the phone or tablet is usually used, which increases the risk.
    – Kaspersky (Android, iOS) – Download secure QR code reader
    -TrendMicro (Android) – Download Secure QR Code Reader
  • Disable automatic opening of URLs after code analysis. This will allow you to check if the URL contains any malicious element or behavior.
  • Check if the URL is trustworthy. To do this, you just need to copy the scanned URL before opening it, visit the page, select where it says URL, paste it into the field that appears there and to press ENTER.

At the commercial level:

  • Establishments that use QR codes should periodically check that they have not been altered. Cybercriminals modify codes to defraud customers.
  • Use a reliable or secure QR code generator. Some websites that generate QR codes for free may inject malicious actions or download malicious code in addition to the actions they are normally configured for.

“Banks go to great lengths to keep their customers safe and protect their money, but it’s vital that people beware and never share their sensitive information, such as usernames, passwords or credentials. passwords, financial institutions will never ask for this data,” Rivera concluded.

– Advertising –

About Matthew Berkey

Check Also

The Ministry of Agriculture will create seed banks

Agriculture and Fisheries Minister Pearnel Charles Jr (left) answers questions from reporters during Monday’s Jamaica …