“To be honest, the scheme itself is rather strange.
There are certainly risks.
The main one is the interception of code, which is usually transmitted in cleartext, ”Lukatsky noted.
For example, if the code is transmitted in the form of a regular SMS message, then it can be intercepted during the transfer, he said.
“If we are talking about instant messengers, if there is a malicious program on the“ victim's ”smartphone, this QR code can also be intercepted and sent to the attacker ... Moreover, the malicious program can hide the very fact that the code arrived on the“ victim's ”smartphone so, that she will not find out about it until the moment she is asked if she received the code, ”Lukatsky added.
Another problem in this context, according to the expert, is the imperfection of the legislation governing the considered sphere of activity.
“At the current moment in time, the person who sent the QR code can say that he did not send anything, and it will be quite difficult to prove the opposite.
In turn, the person who received this code may be accused of fraud, ”the expert explained.
In this regard, Lukatsky named several ways to protect against the actions of intruders.
In particular, according to him, it is not recommended to transfer the smartphone into unauthorized hands, install third-party software on it, jailbreak the smartphone and follow suspicious links.
"The usual" computer hygiene ", which is applicable absolutely to any threat in cyberspace," - concluded the specialist.
Earlier, the Izvestia newspaper, citing financial organizations, reported that in 2022 a number of banks will begin to implement the function of withdrawing money from an ATM from someone else's card.
So, in the bank's mobile application, it will be possible to generate a QR code to receive a certain amount, send it to another person, who, in turn, will be able to pick up money from an ATM by scanning the code.