As the technology of using QR Codes is growing in use and popularity, hackers are seen embedding malicious URLs tucked with customized malware into QR Codes. Thus, allowing them to exfiltrate data from the victimized device when scanned. Or, diverting them to a malicious web portal that makes them divulge credentials, making the hacker gain an upper hand.
A recent survey conducted by MobileIron discovered that 71% of respondents responded that they cannot differentiate between a malicious or legitimate QR Code. And only 13% of them know that a Quick Response code can open up an URL to victims, and 20% believe that a scanning code can draft an email or connect a phone call to initiate a text message.
The highlight of this survey is that 51% of respondents know that QR codes do not exhibit privacy, security, and render financial help- but still use as they ease their digital lives to a certain extent.
So, how to protect from Malicious QR Codes
Just watch them closely and see if a hacker/s has posted a fake Quick Response code on a legitimate poster. And if you suspect something fishy, just avoid scanning the code.
Never- Ever share your details via QR codes as it can land you into trouble as it can be a code loaded on a phishing page and entering sensitive info can land you into deep trouble.
Most of the QR code scanner asks the victim about a possible URL they could be visiting after scanning the code and this allows the visitor to think before visiting the malicious webpage.