Watch out for QR Codes!

A QR (Quick Response) Code is becoming a target for cybercriminals. A QR code is a link that, when scanned with a smartphone, links to an electronic action. The scan can take the person to a website, download a file, open an app or add an event to a calendar. QR codes can be added to many different medium/products.

Cybercriminals create and use QR code links just like they use links in a phishing email. The link can take the user to a malicious website or could download malware onto a device. 

Security programs should include a warning to employees to be wary of QR codes. Tips can include

• If the code is associated with an unknown or untrustworthy source, don't scan it.
• When scanning, use an app that provides a preview of the destination location.
• If the scanned url is unrelated to the name or if the website requires a login, close out of the browser.

Consider including QR code warnings as part of ongoing security training.