The Gravity IT Blog

6 Tips for Safer QR Code Scanning

QR code on a smartphone

QR codes are everywhere: restaurant menus, flyers, posters & business cards. A simple scan with your smartphone camera and you’re directed to a website, a video, offer or other online content.

But as QR codes get more popular, cybercriminals are exploiting the technology for malicious purposes.  

Scammers create fake QR codes. They can steal your personal information, infect your device with malware or trick you into paying money.
It’s crucial to use caution when scanning QR codes. This emerging scam highlights the potential dangers lurking behind those seemingly innocent squares.

The QR Code Resurgence

QR- ‘quick response’- codes were originally designed for tracking parts in the Japanese automotive industry. In recent years there’s been a huge resurgence in their popularity- especially during the pandemic- and they are often used in forms of marketing today.
QR codes give instant access to information by simply scanning a code. They’ve become an integral part of various industries, including retail and hospitality. Unfortunately, cybercriminals are quick to adapt and exploit the trust we place in QR codes.

How the Scam Works

The scammer prints out a fake QR code and places it over a legitimate one. For example, they might stick it on a poster that advertises a product discount or a movie.
You come along and scan the fake QR code, thinking it’s legitimate. The fake code directs you to a phishing website. These sites then ask you to enter sensitive data like your credit card details, login credentials, or other personal information.
Alternatively, scanning the QR code may prompt you to download a malicious app that contains malware to:
• Spy on your activity
• View your copy/paste history
• Access your contacts
• Lock your device until you pay a ransom
The code could also direct you to a payment page that charges you a fee for something that’s supposedly free.
Here are some tactics to watch out for.

Malicious Codes Concealed

Cybercriminals tamper with legitimate QR codes. They often add a fake QR code sticker over a real one. They embed malicious content or redirect users to fraudulent websites.

Fake Promotions and Contests

Scammers can use QR codes to lure users into fake promotions or contests. When users scan the code, it may direct them to a counterfeit website. The website may prompt them to provide personal information. This can lead to potential identity theft or financial fraud.

Malware Distribution

Some malicious QR codes start downloads of malware onto the user’s device. This results in compromised security including unauthorised access to personal data and potential device damage.

Stay Vigilant: 6 Tips for Safer QR Code Scanning

1. Verify the Source

Be cautious when scanning QR codes from unknown or untrusted sources. Verify the legitimacy of the code and its source. This is especially true if it prompts you to enter personal information.

2. Use a QR Code Scanner App

Consider using a dedicated QR code scanner app rather than the default camera app on your device. Some third-party apps provide extra security features such as code analysis and website reputation checks.

3. Inspect the URL Before Clicking

Before visiting a website prompted by a QR code, review the URL. Ensure it matches the legitimate website of the organisation it claims to represent.

4. Avoid Scanning Suspicious Codes

Trust your instincts. If a QR code looks suspicious, don’t scan it. Scammers often rely on users’ curiosity. Be careful when scanning QR codes you see in public places. Don’t scan them if they look suspicious, damaged, or tampered with. Stay alert.

5. Update Your Device and Apps

Keep your device’s operating system and QR code scanning apps up to date. Regular updates often include security patches that protect against known vulnerabilities.

6. Be Wary of Websites Accessed via QR Code

Don’t enter any personal information on a website that you accessed through a QR code. This includes things like your address, credit card details, login information, etc.
Don’t pay any money or make donations through a QR code. Only use trusted and secure payment methods.

Contact Us About Phishing Resistant Security Solutions

QR codes can be useful and fun. But they can also be dangerous if you’re not careful. Always scan them with caution. Protect yourself from scammers who want to take advantage of your curiosity.
This scam falls under the umbrella of phishing. Phishing is one of the most dangerous modern risks for individuals and organizations. If you need help ensuring your devices are phishing resistant, just let us know.

Contact us today to learn more.

We deal with the IT stress, so you can get back to work.

You should know, like and trust your IT team.

Since 2014, Glenn and his select team of IT experts have been working with small to medium businesses across Australia.

We take a multi-layered, proactive approach that means our clients avoid problems before they happen.

What to expect when you work with us

Practical, real-world solutions
Service that exceeds expectations

Our Services

Cyber Security
Hardware & Software
Managed IT
Managed Backup & Business Continuity
Microsoft 365

Head Office

Unit 1, 4 Edge Street
Boolaroo, NSW


M-F: 8.30am - 5pm
S-S: Closed

Gravity IT team

© Gravity IT Solutions 2024. All Rights Reserved.