QR codes are a threat to cybersecurity – Why?

Hi, I’m Chris.

I’m here to help you through every step of your PRVCY journey.

Wether you’re already taking the PRVCY online courses or a new subscriber, I’ll post constant news and information based on our research to help you taking back control of you PRVCY!

Apparently, QR codes were invented to label and track car parts. That seems like a really good idea. Let’s not use them for anything else.

QR codes, denoting two-dimensional barcodes with the capacity to store diverse data types, have gained popularity for their convenience in numerous applications, such as marketing, payments, and authentication. Nevertheless, akin to all technologies, QR codes come bundled with their own assortment of cybersecurity perils and hazards.

QR codes existed prior to the pandemic, naturally appearing on food packaging and bus stop advertisements. Yet, they appeared somewhat gimmicky, with most individuals not heavily reliant on them in their daily routines. I distinctly recall downloading a QR scanner app for my smartphone and employing it perhaps just once.

Since 2020, QR codes have been everywhere. The other day, when I was at a restaurant, they had this fancy online menu that I couldn’t find on my own. Surprisingly, the staff didn’t know the website for the menu either. When I hesitated to scan it, the waitress had to use her own phone so I could order. It was kind of weird!

Why I don’t want to scan a QR code?

Number one, some QR code-based applications may request unnecessary permissions, potentially infringing on user privacy by accessing sensitive information, such as location data, contacts, or the camera without user consent.

Moreover, a noteworthy security concern arises from phishing emails purportedly originating from Microsoft. These deceptive messages instruct recipients to scan attached QR codes for reviewing security requirements and updating their accounts. Regrettably, scanning these codes directs victims to websites meticulously devised to pilfer their information. This approach allows the phishing messages to evade email security filters designed to identify known malicious links.

 

Here are some of the potential dangers of QR codes for cybersecurity:

Malicious QR Codes:
Cybercriminals can create QR codes that, when scanned, lead to malicious websites or initiate downloads of malware onto the user's device. This can result in data theft, ransomware attacks, or other forms of cyberattacks.
Phishing Attacks:
QR codes can be used in phishing attacks, where attackers trick users into scanning a QR code that appears to be from a legitimate source but actually redirects them to a fraudulent website designed to steal sensitive information such as login credentials or financial details.

#PRVCYTipps

To mitigate these dangers and enhance QR code cybersecurity:

  1. Only scan QR codes from trusted sources.
  2. Be cautious when scanning QR codes in public places or from unknown sources.
  3. Use a reputable QR code scanner app that includes security features.
  4. Avoid scanning QR codes that are shared via unsolicited emails or messages.
  5. Regularly update your mobile device’s operating system and apps to patch security vulnerabilities.
  6. Be mindful of the permissions you grant to apps when using QR codes.
  7. Consider using QR code authentication in conjunction with other security measures like two-factor authentication (2FA).”

Latest PRVCY Insiders:

Categories

Hi, I’m Chris.

I’m here to help you through every step of your PRVCY journey.

Wether you’re already taking the PRVCY online courses or a new subscriber, I’ll post constant news and information based on our research to help you taking back control of you PRVCY!

PRVCY Insider

Stay up to date with the latest news on data protection and controlling your privacy online.

EN - PRVCY Insider