QR codes are new to most of us, fun, and easy to use with your mobile phone. You’ve almost definitely seen them, and most likely you have used a QR code at your local restaurant instead of a physical menu. All you have to do is take a picture of the code from your smartphone and immediately you have the data visually displayed on your phone. So, what is not to like about them?
QR codes can also be used by criminals to steal your sensitive data, that’s what! The risk is that you cannot be 100% certain exactly what happens when you scan the QR code. The code could be a malicious link, just like the links you receive with phishing e-mails – except once you take the picture, your phone automatically ‘clicks the link’.
Many people scan QR codes assuming they’re safe. And while that restaurant menu may certainly not be a risk, think about the QR ads you see in public spaces. They are almost everywhere – in parking lots, in shop windows, in train stations, and throughout the New York City subway. All of these codes can easily be tampered with, or they can be fake QR codes that are used to direct the user to a website that downloads malware to their mobile phone simply by proclaiming ‘Get your free food item by scanning our QR code!’
While technology is a wonderful thing, new technology always comes with the disclaimer that criminals are going to find ways to use it to try to trick you. In response, be careful with any QR codes that are made available in public places, even if you recognise the brand or the supplier. If you do scan a QR code, double check the website that you’ve been directed to is the one that you were expecting – and never, ever input your user ID or a password in response to QR code.
For more information on how BW Cyber can assist you, please contact us at info@bwcyberservices.com.
