Online opportunists have wasted no time in sussing how to use QR codes to commit cybercrime. As quick as counting to three, this way they can access your personal details and use them in a number of ways that can wreak havoc.

Fake QR codes are increasingly creating chaos with regular reports of unsuspecting users finding a zero balance on their bank accounts overnight.

QR stands for Quick Read or Quick Response and the method is designed to do just that – provide you or a service with information. Similar to POS (Point of Sale) products which have bar codes, the QR codes have been tailored for smartphones. It is made up of digital square dots and black modules on a square white background and can be read by your phone’s built-in camera or a QR code reader application.

Real QR in Print

Legitimate companies use them to track and identify products and direct consumers to their websites. They are often found in magazines, flyers and business cards. Newspapers often use a Quick Read code to save on print costs. By scanning the code you are able to read more articles and even access videos on the subject you are interested in.

Real QR in Track and Trace

A QR code is proving invaluable to the NHS too, for its COVID-19 track and tracing. It can be found clearly displayed in restaurants, pubs and leisure venues. It is compulsory to display this QR code to record your contact details, which will only be used to inform you if COVID-19 outbreaks occur at that particular venue.

Real QR in Marketing

The Quick Read method is also beneficial for brand marketing. The code will give the consumer the option for finding out more about the product by clicking on the code that will direct them to the relevant website.

QR Click Jackers

Sophisticated cyber crooks have developed variations of fraud via the QR code route. They substitute legitimate Quick Response codes with bogus codes. As soon as you point your smartphone at the image you will have been click jacked. You might be directed to malicious sites which are almost identical to the real deal. These may include malware giving the criminals access to all your personal data that is stored on your phone. In this age where most of us have our bank’s app on our smartphones, it is even easier for them to infiltrate and retrieve sensitive data for fraudulent means.

QR Phishing

Fake QR codes could lead you to a bogus website, which might convincingly mimic a trusted brand or service. Here, you will be asked to provide certain personal details that will enable the fraudsters to commit their crimes. Even an email address is enough for them to drill down to your personal information. Once they have this data it will be used in the form of identity theft.

Here are ways to avoid a QR Code Scam:

  • Never scan a standalone QR code. Don’t let your curiosity get the better of you by clicking on a box which isn’t linked to a service or product.
  • Don’t scan in public places. If you chance upon flyers or posters with QR codes on bus stops and buildings, for example, avoid them at all costs.
  • Check if the QR code is on a removable sticker. If it is, walk away because it is almost certainly a fake.
  • Download a scanner app that can check the website the QR code is directing you to.