Be Careful When Scanning QR Codes – Here’s Why; Godfather malware is now hijacking legitimate banking apps; Google’s new update lets you have a real voice chat with Search… and More!
Every day, we scan the tech world for interesting news, sometimes from outside the tech world. Every Thursday, we feature news articles that grabbed our attention over the past week. We hope you find this week’s ‘Thursday Newsbytes’ informative and interesting!
Why You Should Avoid Scanning An Unknown QR Code
QR (Quick Response) codes are everywhere these days. You’ll spot them on restaurant menus, business cards, product packages, and even concert tickets. A big reason they’ve caught on is convenience. With just a quick scan, you can jump to a website, connect to Wi-Fi, or save contact details. But while QR codes are undeniably useful, you still have to be cautious. Their popularity has made them a new tool for scammers looking for clever ways to fool people.
It’s quite easy for anyone to create a QR code that looks completely legitimate. Scammers can swap out real codes in public places with fake ones, send them through email or text, and even slip them into ads. When you scan one of these, it might take you to a fraudulent website or prompt you to install malicious apps on your phone. Take a scam in San Francisco, for instance, where scammers left fake parking tickets on cars. Each ticket had a QR code that led to a site designed to look exactly like the city’s official transit page, tricking people into paying a bogus fine.
Scammers also use QR codes to run cryptocurrency scams. In one case last year, a scammer created a fake YouTube channel and livestreamed a video with a deepfake of Elon Musk. In the video, the fake Musk promised to double any crypto sent to him. Viewers just had to scan the QR code on the screen and transfer their crypto to take part in what was framed as an investment opportunity.
Be wary of QR codes you get in emails and unknown packages
Scammers also use QR codes in phishing emails, a tactic commonly referred to as “Quishing.” These messages are made to look like they’re from a trusted company. It usually tries to get you to scan the QR code by claiming there’s an issue with your account or that you need to update your password. Once you do, the code directs you to a fake website that asks you to enter your account information or credit card details. QR codes like these can also show up in text messages.
Another common trick is sending unexpected packages to your address with no clear information about who sent them…
Godfather malware is now hijacking legitimate banking apps — and you won’t see it coming
First it was fake login screens, now it’s virtual instances of banking appsscan-icon
A notorious banking malware that targets the best Android phones has returned with new capabilities that make it even easier for hackers to siphon off your hard-earned cash.
As reported by Infosecurity Magazine, an updated version of the Godfather malware has been spotted online by the mobile security firm Zimperium.
Back when I first reported on this malware several years ago, it was being used by hackers to target popular banking and finance apps in countries around the world. At that time, Godfather primarily used overlay attacks to trick unsuspecting users into entering their usernames and passwords. These credentials were then used to log into their financial accounts to steal both cash and cryptocurrency.
Now though, the Godfather malware is back with a major upgrade that allows it to create virtualized versions of legitimate apps to commit fraud in real-time.
Here’s everything you need to know about this new malware threat…
Google’s new update lets you have a real voice chat with Search
Imagine just talking to Google Search, and it talks right back.
Google is rolling out Search Live, a fresh twist on AI Mode that lets you speak directly to Search in the app. It’s a pretty big leap toward making the whole experience feel more human and less like, well, searching.
As per the tech giant’s blog post, Search Live lets you actually talk to Search in which you can ask questions out loud, get answers back in real time, and dive into related links if you’re curious. Just open the Google app, tap the new “Live” icon, and start chatting. The AI talks back, and you can keep the conversation going as long as you want.
Stuck on a recipe, planning a getaway, or just randomly curious? Now you can chat it out with Google Search and get answers on the fly. Even better, it runs in the background, so you can keep scrolling, texting, or doing whatever while the chat keeps going…
A cautionary tale shared on Reddit tells the story of a Windows PC owner who used OneDrive to store 30 years’ worth of their data and lost the lot when their Microsoft account was locked, with no apparent way to regain access.
This is a nasty sounding predicament (highlighted by Neowin) to say the least, with the loss of what’s described as three decades of “irreplaceable photos and work” which was transferred to OneDrive as a temporary storage facility.
The idea the Redditor had was that they needed to move that huge collection of files from multiple old drives where they were stored to a large new drive, and OneDrive was selected as the midpoint in that data migration journey…
Websites are tracking you via browser fingerprinting, researchers show
Clearing your cookies is not enough to protect your privacy online. New research led by Texas A&M University has found that websites are covertly using browser fingerprinting—a method to uniquely identify a web browser—to track people across browser sessions and sites.
The findings are published as part of the Proceedings of the ACM on Web Conference 2025.
“Fingerprinting has always been a concern in the privacy community, but until now, we had no hard proof that it was actually being used to track users,” said Dr. Nitesh Saxena, cybersecurity researcher, professor of computer science and engineering and associate director of the Global Cyber Research Institute at Texas A&M. “Our work helps close that gap.”
When you visit a website, your browser shares a surprising amount of information, like your screen resolution, time zone, device model and more. When combined, these details create a “fingerprint” that’s often unique to your browser. Unlike cookies—which users can delete or block—fingerprinting is much harder to detect or prevent. Most users have no idea it’s happening, and even privacy-focused browsers struggle to fully block it.
“Think of it as a digital signature you didn’t know you were leaving behind,” explained co-author Zengrui Liu, a former doctoral student in Saxena’s lab. “You may look anonymous, but your device or browser gives you away.”
This research marks a turning point in how computer scientists understand the real-world use of browser fingerprinting by connecting it with the use of ads…
Thanks for reading this week’s Thursday Newbytes. We hope these articles were informative, interesting, fun, and helpful.
