What is Scan the QR code to claim your prize?
Scan the QR code to claim your prize pop-up is a QR code scam. Cybercriminals use QR (Quick Response) codes to steal personal and financial information of unsuspecting users, or redirect them to malicious content and scam sites. Most malicious redirects are conditional. It means that redirection only occurs when a certain condition is met. For example, the redirects only occur when someone lives in USA and uses an Android phone.
In some cases, unsuspecting users are taken to a rogue web page containing a pretend CAPTCHA examine, clicking which serves unwanted ads which are disguised to look as if they come from the working system and never from a web browser. In other cases, users are redirected to pages containing malware.
Scan the QR code to claim your prize Scam in detail
Scammers use logos, company colors and company name or copy the entire official company website to make scams appear legitimate. In this case, the scammers use the Apple brand and an Apple iPhone 14 photo. It’s important to note that Apple have nothing to do with this scam.
Scammers are using the offer of a free Apple iPhone 14 as bait in an attempt to lure people into scanning a malicious QR code. Once the malicious QR code is scanned, the user will be redirected to a malicious URL that triggers a few checks that validates whether the request is coming from a mobile device, such as a smartphone. If validation passes, the website obtains geolocation data for the victim’s IP address and, depending on the country, the victim may be redirected. If validation fails, the victim is redirected to a page which displays an error. We detected the following URLs were used in the redirect chain: “https://www.freakywin.net/win?ctrack=…”.
Here is the full text of the scam message:
You could be the winner of the Apple iPhone 14
Scan the QR code to claim your prize.
Contact | Terms & Conditions
International charges may apply. Please check with your mobile carrier. Your number may be used for marketing purposes.
Attackers use malicious QR codes to redirect users to various diet pills scams, fake dating websites, pornographic content, fake virus alerts that trick users to buy or install applications that are not needed, work-at-home schemes and other questionable content. Below are some examples of such sites:
In summary, “Scan the QR code to claim your prize” is a QR code Scam. It can trick users into making security mistakes or giving away sensitive information, exploit vulnerabilities on their smartphone and install malicious software.
|Name||Scan the QR code to claim your prize|
|Type||QR code scam, phishing|
|Related websites||www.freakywin.net, s.freakywin.net|
|Fake claims||You could be the winner of the Apple iPhone 14, Scan the QR code to claim your prize|
|Symptoms||Ads appear in places they shouldn’t be; Every time you perform an Internet search, your browser is redirected to a suspicious site; your device starts automatically installing unexpected apps; unwanted changes in your web browser; speed test good but internet slow; your device starts performing very slowly|
|Distribution||social engineering attack, push notifications, rogue ad networks, fake alerts within visited websites, PUPs, adware|
|Damage||financial losses, identity theft, serious privacy issues, additional malware infections|
|Removal||Scan the QR code to claim your prize removal guide|
Examples of such scams
Users never visit sites like “Scan the QR code to claim your prize” themselves. Typically, users are redirected to them after they click on misleading ads, visit torrent, illegal movie streaming and similar websites. Sometimes, users are redirected to the sites due to installed browser hijackers, adware or other unwanted software.
Why am I redirected to the “Scan the QR code to claim your prize” Scam?
Scammers use different ways to promote QR code scams, most common of which is usually social networks (YouTube, Instagram, Facebook, WhatsApp, Twitter). In addition, the scam can be promoted through deceptive ads and push notifications, as well as Adware and potentially unwanted apps (PUAs).
Cyber criminals abuse ‘push notifications’ by displaying unwanted ads. These ads are used to trick users into clicking fraudulent links, installing malicious software & so on.
Adware is a term that originates from ‘ad software’. In many cases, ‘adware’ is considered by many to be synonymous with ‘malware’. Its purpose is to generate profit for its developer by serving unwanted advertisements to a user while the user is browsing the Internet. Usually, adware gets into smartphones as part of a bundle with free apps, malicious downloads, fake updates, shared files, and other unsafe software.
How to avoid QR code scams and malicious redirects?
There are a number of methods that you can use to protect against malicious redirects and QR code scams. It is better to use them together, this will provide stronger protection.
- Think before you scan. Be especially careful with codes posted on websites. When you do scan a QR code, take a good look at the website it led you to. If it asks for banking or personal information that doesn’t seem needed, don’t hand it over.
- Preview the code’s URL. Some smartphone cameras can give you a preview of the code’s URL when you start scanning it. If the URL seems suspicious, then don’t click it.
- Use a secure scanner app or an ad blocker. These applications avoid the possibility of clicking on something malicious and prevent it from being downloaded to the phone.
- Pay for premium versions of popular services. The easiest way to avoid adware is to pay for the service you use. Many Internet services make it possible to use them without ads if you purchase a premium subscription. This helps ensure that malicious adware cannot reach you.
- Buy devices from trusted companies with built-in security. There have already been many cases where people who bought inexpensive Android devices found that adware was already installed on their devices. Cheap Android devices do not receive security updates and are therefore particularly susceptible to infection and should be avoided.
- Use an antivirus. Most antivirus programs can block malicious adware. Some malicious adware can block antiviruses, in which case a more aggressive method should be used, which is to use adware removal software. This software can detect and remove adware that has a negative impact on the device.
How to scan your smartphone for malware
If you suspect that your smartphone is infected with malware, you accidentally clicked on a link in the QR code scam, or just want to scan your device for malicious apps, then use Malwarebytes Mobile Security.
Malwarebytes Mobile Security is a free app that can easily find and quickly remove potentially unwanted apps (PUAs), adware, trojans and other malicious software.
Download Malwarebytes, using the link above, and install it on your smartphone. After installing the application, launch it and run a scan. Once the scan is complete, Malwarebytes will notify you of any malware it finds and offer to remove it. Just follow the prompts.
To sum up
We hope this article helped you learn more about the Scan the QR code to claim your prize Scam and avoid the scammers. If you have questions or additional information for our readers, please leave a comment.