Over the past few years, QR codes have seemingly spawned everywhere. Our smartphones have been simplified so that every camera can quickly look at the code and then follow the link.
But that is where the problem lies. A QR code (Quick Response code) is just an interactive link to take you to a webpage or downloadable file. Unfortunately, since a QR code is nothing more than a fancy-looking link, cybercriminals can use them just like they would use a link in a phishing email.
Ask yourself, would you click on every link you’d find on your computer? No. Then why are you doing it with your phone?
Many free websites allow you to create your own QR code that links to anything you choose. This means that cybercriminals can create a QR code that links to a malicious website or downloads malware onto your device.
Once they have created their malicious QR code, it can be emailed, posted to social media, printed out on flyers, or even made into stickers and placed on top of legitimate QR codes.
Follow these tips to stay safe when scanning QR codes.
- When scanning a QR code, be sure to use a scanner app that provides a preview of the destination. This feature gives you a chance to review the URL and decide if the QR code is safe. Click here to see Uniqode’s listing of the best QR scanners for smartphones.
- Never scan a QR code from an unknown or untrustworthy source. Did you receive a random, anonymous flyer claiming you could win the latest iPhone if you scan the code? Don’t trust it!
- When out in public, use common sense. Many bars and restaurants now use QR codes instead of menus, which are typically safe. But the random QR code stuck to the stop sign near the bus stop… don’t scan it!
“While native camera apps are quite proficient at scanning QR Codes, having a dedicated scan app can add an extra layer of security. QR Code apps, can help prevent malicious attacks by scanning the URL of unknown QR Codes and determining their safety,” said Shashank Raj, director of engineering at Uniqode.
If you scan a QR code and the URL looks cryptic, or the website requires a login, or the site is unrelated to what you scanned, close out of your browser immediately. QR Codes are here to stay, but we need to remain vigilant to keep our devices safe.