QR codes saw a resurgence during the pandemic, as more people took extra steps to keep their hands clean and touchless technologies gained ground at restaurants and retailers. While convenient, QR codes come with security risks. Like any other link, the codes can be the first step in a malware or phishing attack. Here are 5 things to consider before you tap on that code:
- Look at the URL. When you point your phone’s camera at a QR code, you get a preview of the URL. If it’s a short link or something unrecognizable, proceed with caution as you would with any link.
- Check the URL in the browser after you tap. It may have said it was taking you to the restaurant’s website then took you to a clever phishing site copy of it. Check that URL to be sure.
- Don’t log in after a QR code tap. There are going to be times where you will need to, but be very cautious about it. In fact, be wary of giving any personal information to a site you reached through a QR code.
- Don’t download apps from a QR code. A common scam is to promote fun new apps on a QR code, and the fun part is when it installs malware and steals your personal information. It’s fun for the attacker. Not for you.
- Be careful about paying. Don’t make payments through a QR code unless you’re absolutely certain it is legitimate, which would probably mean you’re in China using WeChat or AliPay. In other countries, payments are less common by QR code, so make absolutely sure it’s legit.
Have Questions About QR Codes? Reach Out to a Member of the BMT Team