The COVID-19 pandemic has forced organisations all over the world to rethink the way they interact with their consumers. For instance, restaurants have opted to use QR codes so that customers can browse menus on their phone or make contactless payments without risking possible transmission.
And now, Check Point is warning mobile users of the security risks of QR codes. The cybersecurity solutions company says that hackers are looking to take advantage of QR codes’ new popularity, by replacing legitimate QR codes with one that launches a malicious URL or tries to download customized malware.
A recent survey by MobileIron showed that from March to September 2020, 38% of respondents scanned a QR code at a restaurant, bar or café, and 37% scanned a code at a retailer.
Over half (51%) of respondents stated they do not have, or did not know if they had security software installed on their phones. In many cases, these phones hold both personal and business apps and data, putting organizations at increased cyber-risk.
“We need to remember that a QR code is nothing more than a quick and convenient way to access an online resource, and we can’t be certain that the resource is legitimate until after we’ve already scanned the code – which means that an attack could have already started,” says a Check Point Spokesperson.
“QR codes are not inherently secure or trustworthy, and hackers know that a majority of people have little or no security on their phones at all, so we strongly advise everyone to use a mobile security solution to protect their devices and data against phishing, malicious apps and malware.”