During the curse of the pandemic, businesses have been moving away from using physical media such as brochures, menus & leaflets to lessen the risk of contamination.
Digital solutions are a perfect solution and Quick Response, (QR), codes are used in more settings than before.
Like a barcode, a QR code can be scanned with a smart phone, taking us to a digital online menu, brochure or leaflet without physical contact.
However, many users are unaware that scanning a QR code can allow a range of activities beyond directing you to a web resource. They can open an application, draft emails, place calls, and open a map.
We trust that a QR code on a shop poster, or a menu is legitimate but this is also an appealing approach for hackers to replace the QR codes, with their own, that could redirect to a malicious application or phishing site.
A bad actor with malicious intent needs only to print their QR codes as stickers and cover the legitimate ones with theirs, and how would you know?
Methods to prevent malicious activity using QR codes:
1 – Use a mobile QR scanning app that allows you to preview the URL/action first. For example, if you are in a restaurant and use the QR code and you can see that the preview URL takes you to an inaccurate website or a phone application then you can discontinue with the URL and report it to the business.
2 – If the QR code is a sticker placed randomly then their is a high chance that a hacker has created this QR code and printed it out as a sticker. Especially if the QR code has been placed in a weird location like walls or doors.
3 – Install a mobile security app – An efficient security application can prevent all different types of malicious activity such as viruses, worms, trojans, spyware etc. So, if a QR code has been tampered with, the detection system can alert you first to stop it from happening.
Provention is the best cure!