How to protect yourself from malicious QR codes

How to protect yourself from malicious QR codes

by Donals Anderson, November 17, 2017

QR codes or Quick Response Codes are those small black and white squares like barcodes that we can see anywhere. It is usually found in a transitory media where a piece of information about the media is put in the QR codes. Listed here are some of the things where QR codes can be found.

  • Malls (usually seen in the entrance of Stores)
  • Magazine advertisements
  • Billboards
  • Posters
  • Coupons
  • TV Ads
  • Flyers (Political Campaign, Marketing Ads)
  • Product Items

These QR codes can be read quickly via cellphone application. The QR code reader app installed in your mobile phones can decode it by pointing the camera to the image and let it be scanned for a minute to see the information it contains.

It is placed where people can easily scan the QR Code. People can download an application of the store or can view a homepage from links posted by the stores. They can install more information than the standard barcodes.

Some of the information that a QR code can contain are:

  • Product details
  • Contact details
  • Offer details
  • Event details
  • Competition details
  • A coupon
  • Twitter, Facebook, MySpace IDs
  • A link to your YouTube video or Web page

In this event, people will only need to scan the message to know what contains, after it is scanned then a link or a webpage address will be provided. This is the opportunity where cyber criminals have been waiting for.

When a QR code can be Malicious?

Cyber Criminals find out that QR codes can be used also as their tool for a purpose of attacking your mobile phone or any device to install malware or steal your information. Hackers embed malicious links on a fake QR code and then print on a sticker paper to replace the original QR code posted as a substitute. They can also replace legitimate codes before a company can print it. Upon distribution, the QR code already contains fake links or malwares. The damage created by the misleading QR codes will be shouldered by the company who distributed it.

If curious people being unaware of what is inside the code unknowingly scan it and direct to the links it provides until, they will be able to get some virus on their mobile phones. Some malicious QR codes can also be distributed by means of Email which is what we call as Phishing. They can also direct you to harmful websites that is intended to manipulate your devices like turning your microphone or camera on. Mainly the purpose can be to exploit or get something from you. Hackers can then steal information from you, unaware that you have already downloaded or visited a malicious site posing as the legit company you thought it was just because of the malicious QR code you scanned.

How are we going to protect ourselves from malicious QR codes?

Because QR codes are also being used by cyber criminals, here are some advices that you can use to protect yourself from getting harmed by this malicious QR codes.

  • If you don’t trust it, don’t scan it. Same with the links found in our computer, if the QR code is Suspicious for you then don’t scan it. Most of the scammers stick their fake QR codes on the poster or stores on top of the legit one. You can always check these codes by touching the poster and feel if it was actually printed on the poster. It is also still safe if you do the searching yourself about the product or advertisement that you want to know.
  • Be vigilant and observant before anything else. Never give any of your information to the page you just visited provided by the QR code you scanned. Be sure that you got the QR code from a very trusted source before giving your information.
  • You can type the URL directly to the browser.  It is always safer if you do the typing of the links directly to the browser to be sure that it is legit.
  • Check the URL or links before proceeding. You can use a QR code scanner that has security features that shows or previews the content of the code so that the user can choose whether to proceed to the link or not. That way you can be protected by malicious sites and won’t automatically direct you to the site. Some scanners also checks the links if it will match with their database of malicious sites and it will be able to warn you before you can get harm.

It is always better to be educated and learn about these things before it’s too late. Be vigilant all the time and be safe.