QR Code safety tips

Learn how to identify and avoid malicious QR codes.

What are QR Codes?

QR codes (Quick Response codes) are a type of two-dimensional barcode usually made up of black and white squares. You might typically see them on posters or advertisements. They can be scanned using most smartphone cameras to perform actions like opening websites, accessing special offers, viewing menus, joining Wi-Fi networks, or making payments.

QR code linking to the Information Security website

What are the risks?

QR codes can be difficult to interpret, making it easier for cybercriminals to trick people into visiting malicious websites. These codes often get opened on personal devices that might not have the robust security measures of a work device, leaving you more vulnerable to attacks. Cybercriminals have various tricks to lure you into scanning unsafe QR codes, including:

  • Placing stickers with malicious QR codes on top of genuine ones.
  • Sending emails with QR code attachments that contain malicious links (a technique sometimes called ‘quishing’), which could bypass your email security and antivirus software.

Safety tips

  • Although QR codes are convenient, you often don't need to use them. You may be able to enter the website address manually or find it linked from the homepage of the service.
  • Always consider the legitimacy of a QR code, even if it's located where you would expect one.
  • Use a QR scanner that displays the web address and try to confirm the authenticity of the website before opening it. If your phone's camera doesn't offer this feature, consider downloading a QR scanner app from the Apple or Google app store that does.
  • Be cautious of any website reached through a QR code that unexpectedly asks for personal information, your login details, or payment.
  • Treat QR codes received by email with suspicion, especially if they were unexpected, and treat them as phishing.