The Dangers of QR Codes.
If you are a Crtptoinvestor, keeping your devices and identity data secure is of the utmost importance! We are all familiar with QR codes. They have been around in the automotive industry since 1994 and really took off after COVID spread around the world, thanks to China and the WHO. Or are we still not talking about that?
Anyway, it seemed that QR codes popped up everywhere thanks to their convenient ability to provide links to everything with point and capture technology. Unfortunately, that is what they essentially are…links. Would you go around clicking all the unknown links in your emails? I hope not.
I made these QR codes on this site. They look different, but to your device, they are all links to my article about passphrase security. Just using our vision, they look different.
*All three codes are the same to your device. The logo means nothing! I designed all these logos on MEQR.
What can QR codes do?
Anyone with a smartphone pretty much knows that they function as links. So they can open applications and even go to websites. While alone, they are not dangerous. They are not going to jump out at you and grab your information. However, they offer a portal for data to travel back and forth. Since we can’t read the little cube, and it’s not convenient to take your protocol droid everywhere, we assume that the code we are scanning is safe. However, how do you know if that? Unfortunately, you don’t know. You “trust” the place that is using it.
Once they are open, they require final approval from the user. Once activated, a link can be used for legitimate uses or malicious deeds.
From there, it functions as malicious links. If you activate it, you end up a victim of:
*Malware attacks- software that can open backdoors, download programs, steal personal data, location, ransomware, and open the victim’s webcam, all unbeknownst to the individual.
*Phishing attacks- also known as QPhishing. These are clever attempts by individuals to pose as legitimate websites and companies to acquire information from individuals. Once they get you started believing that you are working with a legitimate company, then they can get all kinds of private information from you. This is why you always check the spelling on emails and double-check before clicking links on emails.
*Other possibilities- Another possibility is similar to the Heinz 2015 event. When this company’s patent expired, they didn’t renew it. A third party stepped in. They used their old QR code to link to an explicit website. So this is another risk. What happens when companies stop using QR codes and links? Just because they used it in the past, it doesn’t guarantee it still does.
As with most of the digital age, a lot of your own protection falls upon yourself. There are programs that can protect you from viruses and some hackers. However, QR codes and links leave the final choice to open or not to the user.
If you want to learn the advantage of passphrases to passcodes, here's a link to one of my articles.