Why are there funny looking barcodes everywhere?
Even if you're not familiar with QR codes, you're seeing them everywhere - in print, on TV and at the store. The "QR" stands for "quick response," which is exactly what they're designed to do. These funky looking barcodes (usually a square image with small black and white shapes) store information that can quickly be read by your mobile phone's camera*. Normally, the barcode will take you to a website to view information about a place you are visiting or a product you are interested in.
Even more functions have been added to QR codes. Today, they can:
- pop-up text on your mobile-device screen when you scan it
- bring up an email for you to send to a specific address
- bring up your phone app to dial a number
- pop up your text app so that you can send a text somewhere
- pull up your maps app to see where you are or to get somewhere else
- pull up a social media page or channel
- join a local Wi-Fi network
- pull up a crypto address to make a payment
- display a PDF file or picture
- take you to a mobile app store to download an app
Unfortunately, any time a new convenience comes along, criminals look for ways to gain something from that technology. Criminals have started to use QR codes for malicious activities, like taking you to a fake website, installing a corrupt app on your phone or to collect your personal information. Another problem is that QR codes are free to create and there are many ways to create them.
QR codes are becoming more common in restaurants to see the menu, in stores to learn more about a product and at an attraction to navigate you through the areas. These are all places for criminals to stick their own QR code on top of the legitimate QR code. When you scan the code, your mobile device starts you down a malicious path even though you believe it was legitimate scan.
As you can see with the QR code above, when you scan it, your device should pop up a preview telling you where the code will be taking you if you choose to continue. This is the equivalent of hovering your computer mouse over a link to see if you want to go to a website before you click. This is an important safety precaution and reminder to be aware of where QR codes are taking you. If you don’t feel good about the website name before or after you visit it after scanning a QR code, just close your camera app or the browser window it took you to.
Some additional tips for QR code safety:
- look to see if the QR code has been tampered with, like a new code sticker on top of the original
- use the built-in camera app on your mobile device to scan QR codes
- be cautious when logging into a site after scanning a QR code
- don’t download an app from a QR code
- don’t make a payment from a QR code