A cyber security expert said a new threat is emerging with QR codes carrying ransomware and other viruses.

Scott MacKenzie, Chief Executive Officer of Cloud Carib, said Guardian’s business that for the upcoming Thanksgiving, Black Friday and Christmas season, shoppers need to be aware of the new ransomware attack that could hit the country before the end of the year.

Mackenzie said: “Just because of the sophistication of today’s attackers, people need to be much more aware of the links they click and the QR codes they scan. One of the malicious attack vectors now is that people will go into restaurants or see windows and other posters that say scan this QR code and basically replace it with a QR code that if you actually click on the link , a malware will download it for you.”

This new trend is already a problem in major cities like New York, Los Angeles, London and Singapore, Mackenzie said.

“Quishing” or QR code phishing is when hackers trick users into exfiltrating their sensitive data. Scanning a fraudulent QR code can automatically download malware to your mobile device, allowing hackers to access your personal data.

Mackenzie also said: “You have to be very careful because the attack vectors are becoming much more sophisticated, like emails that look like they’re from your bank or something like that. So you really have to be careful about any emails you get or WhatsApp messages or whatever.”

There has been a prominent ransomware from last year, that is the Akira ransomware that completely shuts down operations.

Arawak Port Development Limited (APD) disclosed in its year-end financial report for 30 June 2024 that in April they were attacked by the Akira ransomware, which made local port applications inaccessible and caused a brief service interruption.

This forced APD to revert to manual work after shutting down all of its systems with internet access. They also had to go through a lengthy recovery of backup files and electronic records.

Mackenzie said of the Akira ransomware: “There are always threats, basically there’s an old one or a new one. Akira is always a threat and there is always a constant announcement

“So the last announcement from CISA (Cybersecurity and Infrastructure Security Agency), which is like the US government’s awareness of crime, was in April, but it’s still an active threat globally until all exploits are effectively addressed.”

What needs to happen with a ransomware threat solution is that cybersecurity experts will need to develop software updates and patches that repel the attack.

When all patches are no longer applicable, then it would be safe to say that a ransomware has been effectively eradicated.

Mackenzie added: “It only applies when all security exploits are resolved. So, that’s why it’s critical that companies do vulnerability scans, vulnerability assessments, penetration tests, things like that. So if you act or do active and rigorous vulnerability management and penetration testing quarterly or annually, you can prevent these types of things.”