QR codes are an amazing tool, offering satisfying flexibility and convenience when it comes to data and information sharing. But be careful when you scan a random QR code outside.
When you use a QR code generator to create a QR code, the possibilities are limitless. You can generate QR codes to call phone numbers, share an image, open an app, redirect to URLs, or send an SMS.
But scanning a quick response code out of context or not being cautious out there can spawn some undesirable consequences that can threaten your cybersecurity. How so? Let’s take a look.
Table of Contents
- Dangers of a Random QR Code
- Random QR Code – Quishing
- Fraudulent Details
- Safety Recommendations Out There
Dangers of a Random QR Code
Amid the pandemic, the use of QR codes skyrocketed among people and businesses. According to a study by emarketer.com, the number of smartphone users scanning a QR code in the US is set to grow from 83.4 million this year to 99.5 million in 2025.
Scammers have taken advantage of this soaring growth to create QR codes that send people to fraudulent websites. Once there, they try to steal confidential information such as banking usernames and passwords.
One recent example is drivers at pay-to-park kiosks in several cities in Texas. Scammers placed stickers with fake QR codes on the pay stations, so drivers who scanned them were sent to a webpage that prompted them to type their credit card or bank account data.
Random QR Code – Quishing
This impersonation through QR codes is known as quishing, which is a combination of the words QR and phishing.
How Does Quishing Work?
Like the situation described above, scammers place QR code stickers on top of legitimate QR codes used in all types of businesses such as restaurants, shopping malls, or general businesses.
The goal is to redirect potential victims to fraudulent websites to request sensitive data or ask them to download malicious software to infect the mobile device.
By clicking on these pop-ups, cybercriminals redirect a user to disguised fraudulent pages. These pages scare users with supposed computer problems and redirect them to a fake program download page.
Both modalities of scanning a QR code also combine social engineering —used by scammers— to get users to provide their confidential information. The victim can receive the code through messages or emails, reinforced with fraudulent calls.
Safety Recommendations Out There
We provide you with some key essential recommendations that when put into effect, will steer you away from scams and let you enjoy the perks of the great QR code technology.
Check the App
Whenever you scan a QR code, make sure you use an app that allows you to view the link of the page to which it redirects.
The purpose of this action is to avoid visiting an unknown website or whose domain does not correspond to the one the QR code should send to.
Random QR Code/Supplanted QR Code
Before you scan a printed QR, always check that the QR code is not a sticker pasted over a real one. This could happen at restaurants where criminals stick a fake code on the menu.
Disable the automatic opening of links when scanning a QR code. This will prevent you from being redirected straightaway to dangerous websites.
Always check that the URL or website you intend to visit has the correct link. People type a few words of the web address they’re looking for and sometimes don’t verify everything that follows.
It could happen that the search takes you to a page that has been supplanted by one created by a criminal, which is also identical to the one you wish to be redirected to.
Do not disclose your financial activity on QR codes on social networks, and always trust those codes by reputed financial institutions.
Always try to keep antivirus protection activated on your device. This will save you against malware and other threats that can infect your phone and steal critical information.
Can you get scammed with a random QR code?
According to the FBI, a QR scam is done via modified printed or on-screen QR codes. When a user scans it, the altered code sends them to a “malicious site” that requests them to enter banking credentials and financial information.
Should I stop scanning QR codes?
Absolutely not. QR codes themselves are not a threat to your data security. You can scan QR codes from reputed businesses and brands, but always be aware of the recommendations provided above.
Bearing in mind the aforementioned considerations and tips will allow you to get the best out of the QR code experience without risking losing your personal data and financial information.