In general, QR-Codes are not dangerous in the first place. However, as with almost all subjects, there are some people who misuse this technology to harm consumers. What potential risks are there when using a QR-Code?

The so-called „quishing„.

• This belongs to the category of phishing attacks. Here, the scanned QR-Codes lead to so-called „phishing“ websites. Here attempts are made, to take sensitive or secret data from the user. This often involves registration or credit card data.

Sticking over of QR-Codes

• Especially in public places, there is a risk that a legitimate QR-Code will get covered up by a dangerous one. For example, QR-Codes are pasted over on billboards. The user scans the code because he thinks the code belongs to the trustworthy company of the poster. In reality, however, it has been pasted over with a harmful QR-Code. Instead of the legitimate page, this then leads to a phishing website or to the app store, for example, in order to install a Trojan on the device by downloading an app.

However, you do not need to be afraid as soon as you scan a QR-Code. There are several ways to recognise such suspicious codes and avoid the risks of QR-Codes

How can I safely counter the risks of QR-Codes?

Several years ago, the first security measure was already implemented by smartphone manufacturers. Whereas in the past, the link stored in the code was opened immediately when the code was scanned, the domain stored in the code is now first displayed on the camera screen. This already shows whether it is the original website or whether the link looks suspicious. If the link does not appear to be trustworthy, simply close the camera again and you will not even access the dangerous website.

If you are still unsure whether the QR-Code is trustworthy, there are apps that provide assistance. These check the content of the code and warn you of potentially dangerous content.

And even if you do enter a dangerous page: as long as you do not interact with the page and do not enter any data, nothing can happen. So first check whether the site appears trustworthy, whether there is an imprint and whether the browser is issuing any warning messages. If all this looks good, the website can be used without concern.

To increase security even more, multifactor authentication should always be used. This reduces the phishing potential enormously.

Conclusion: should QR-Codes be avoided?

Clear answer: no. QR-Codes make everyday life easier in many ways, as they can provide a lot of information in a cost-effective and space-saving way. Additionally, the risk of ending up on dubious websites exists not only with QR-Codes, but with all links on the web.

So instead of abandoning a useful utensil, it is better to take a closer look at the website before interacting with it or providing sensitive data. Moreover, QR-Codes with a known origin are generally more trustworthy than those you come across by chance.

Scan a QR-Code here!