The use of Quick Response (QR) codes has become more popular in the COVID-19 environment, aiding contact tracing and business check-in efforts.
QR Codes™ are like barcodes that contain information that can be read by the camera or another app on your smartphone, triggering your smartphone to perform an action, such as:
Some businesses may also display QR Codes™ that direct customers to a website containing menus, or in some instances, to facilitate payments.
Although QR Codes™ are convenient and widely used, you still need to be cautious and aware of potential risks.
QR Codes™ can be used for fraudulent purposes, with malicious QR Codes™ used to distribute malware, direct you to harmful websites, or to compromise your personal information, such as your name, phone number, email address etc, which could result in your personal information being used for criminal purposes.
What to look out for:
Be extra cautious if using a QR code to make a payment. If you are unsure of the website, do not enter your personal information or account/credit card details. Use secure payment options, such as PayPal, if offered, to give you an extra level of protection.
The Australian Cyber Security Centre has step-by-step guides to turning on automatic updates for smartphone operating systems, and turning on multi-factor authentication, which can help to mitigate the harm caused by scanning a malicious QR code.