QR Codes are Making a Comeback…and That may be Dangerous

by

August 4, 2017

Quick Response Codes (QR Codes for short) have been around for a while. They’re an insanely popular marketing device in China, Japan and other Asian markets. They’ve never been really popular in the States but that might change fairly soon…

You see, QR Codes are SO popular in China that Apple Inc. is building a QR Reader right into the next version of iOS. It‘s only a matter of time before advertisers try to capitalize on the new software feature here in the US. 

Before you know it, every Tom, Dick or Harry who uses an iPhone will be able to scan QR Codes right through the camera app.

What is a QR Code and How Does it Work?

A Quick Response Code, or a QR Code is “a machine-readable code consisting of an array of black and white squares, typically used for storing URLs or other information for reading by the camera on a smartphone.”

It’s pretty straightforward. Advertisers use them because it’s an easy way to bring a level of interactivity to what’s traditionally static marketing.

The code gets printed and distributed and impressions from print advertising (which were once an impossible metric to track) are now easy to follow via a unique URL hidden behind the QR Code and  Google Analytics.

So What’s the Problem?

 QR Codes are capable of great good. Sadly there are people out there that use their power for evil. 

QR Codes might seem harmless but they’re not, at least, not entirely. The danger comes from not knowing what hides behind them. The QR Code could potentially hide dangerous malware that would be served up to your phone once scanned. Or you could be directed to a phishing site that aims to steal your personal information.

You probably get the point.

We decided it was a good idea to share some simple rules with you regarding QR Codes and how to stay safe if there happens to be a resurgence of the little buggers.

Use a QR Code Scanner with a Built-in Preview Feature

There are loads of Apps on both Apple’s App Store and Google Play that’ll read a QR Code and serve up the content behind the link but…be careful picking one willy-nilly. Using something with a security pedigree behind it is probably a good idea.

Both Norton Security and Kapersky Labs offer up solutions to the QR conundrum on both Google Play and the Apple App Store (Norton Snap QR Code Reader: Google Play, Apple App Store | Kapersky QR Scanner: Google Play, Apple App Store)

Both Apps are moderately well rated (about as good as you can expect from Norton or Kapersky) and seem to do the job. Both offer previews of the content behind the QR Code and warn the user if the site they’re trying to visit  is known for soliciting harmful material.

Inspect the Content Before You Scan

They say you’re not supposed to judge a book by it’s cover, but who are we kidding? Everybody does it and in this case, you should to. Before you even consider scanning a QR Code you’ve found out in the wild, inspect the copy and content it’s attached to.

A lot of advertisers who’ll take the time to set up a campaign that uses QR Codes will go the extra mile and create customized codes that are brand specific. For example:

We still recommend giving the piece a full work over before you get your phone out and start snapping. If the content of the advertisement seems off, it probably is, trust your judgment.

Also, if the QR Code looks like it’s actually a sticker applied over something else it’s better to leave it alone. Chances are the material’s been hijacked to promote something else.

That goes for QR Codes you might see hanging solo. We know how tempting these things can be to scan. Heck, we put a QR Code or two in this very post (resist scanning them if you dare). Try to contain yourself if you see a random one stuck to a street sign.

In Conclusion

We don’t know for certain that QR Codes will gain any semblance of popularity here in the States regardless of what Apple Inc does with iOS 11. But if they’re looking at baking support for them right into iOS it wouldn’t surprise us at all to see QR Codes more and more in the wild.

Apple’s iOS security is top notch (truly, it is) and whatever feature they add to their camera app will be too. However, the resurgence of QR Codes could be bad for Android users. Hackers might not be able to crack iOS with any regularity but Android is a different matter all together.

Nearly three-quarters of Android devices on the market (according to Computer World) are behind on their security updates. If the fine folk at Computer World can pick up on that fact then the people behind the distribution of malicious code and phishing attempts can too.

We can’t stop you from scanning QR codes or from using Android devices (yuck) be we can help you stay safe. 

Carl Keyser is the Content Manager at Integris.

Keep reading

Strong Cybersecurity Postures: How to Unleash their Power

Strong Cybersecurity Postures: How to Unleash their Power

In the vast digital landscape where virtual dragons and sneaky trolls roam a strong cybersecurity posture has never been more important. Imagine a band of modern-day knights led by our protagonist, Alex. Armed with a trusty laptop and a cup of coffee, Alex navigates...

How to Spot a Phishing Attack in 2023

How to Spot a Phishing Attack in 2023

In 2023 cyber threats lurk behind every tree trunk in today's digital jungle, and cybersecurity awareness is more critical than ever. Among the craftiest of these threats are phishing attacks. Phishing attacks are cunningly engineered with social manipulation at their...