Ransomware

Ransomware encrypts device files and demands cryptocurrency ransom for decryption. Targets include corporate data, hospital records, and government systems, with global damages reaching trillions of yen annually.

QR codes are increasingly exploited as ransomware infection vectors. Attackers overlay fake QR code stickers on parking payment codes, redirecting to malware sites. Email-attached QR codes leading to fake login pages steal credentials before deploying ransomware.

The danger lies in URL invisibility before scanning. Unlike email links that can be hovered to preview, QR codes reveal destinations only after scanning.

Defenses include checking public QR codes for sticker overlays, verifying domains after scanning, refusing unexpected downloads, keeping systems updated, and enterprise MDM restrictions on scan destinations.