The QR Code Concern

A Complicated Problem

Recently, at a Los Angeles rooftop establishment, a waiter with a mask and plastic face shield instructed the customers at the table to scan the intricate design on the table to access the menu. As businesses across the country re-open, they’re looking for ways to keep employees safe while reducing human contact. Enter the QR code.

The QR code redirects the patrons to the restaurant’s website where the menu was posted. It reduces the amount of physical things that have to be sanitized while also allowing each person a chance to browse at their own pace. It seems like a great idea.

QR codes are a great idea in our increasingly contactless world. Cybercriminals, however, are finding a way to exploit this new outlet. Of course they are.

The Scams

The scams aren’t foolproof. You have to be a willing participant. Scanning a code on the table of a restaurant is a low risk activity. It’s similar to using your chip card at a well known retailer, or allowing a trusted site to store your personal information. Our technology is here to make our lives easier.

While it may seem exhausting to have to keep an eye out for scams, just a little common sense can go a long way.

Scams include things that should seem a little off. Just like a phishing email, a QR scam has little idiosyncrasies that don’t quite line up.

Imagine you’re in a parking lot and a harmless looking lady approaches you. She only has cash and the machine where you pay only takes cards. She hands you a five dollar bill and asks that you scan the QR code she presents to pay for her ticket.

Related Reading  The Social Dilemma

While it may seem like you’re helping out, there are several red flags here. The first is that she only has cash. We are living in an increasingly digital world where cash is actually becoming less normal. The second is that she wants you to scan a code rather than paying for her parking at the designated machine in the lot. The third is that she’s producing the code rather than directing you to a place where it’s publicly posted.

This is a documented scam that, unfortunately, people have fallen for in the past.

Don’t Become A Victim

While the idea of scanning a QR code may seem a little scary, don’t shy away from this new technology. You simply have to be more proactive in what you scan.

If the interaction feels a little off, abstain from it. Ask if there’s a more secure way for you to pay or enter personal information. If there isn’t, then you probably want to avoid the transaction.

Like unsolicited phone calls or emails, never give out personal or banking information to a QR linked site that didn’t originate from a verified source. The lady in the parking lot with the code may sound ridiculous, but people have already fallen for the ruse. When in doubt, just say no.

Use a QR reader with built in features. As these codes become more widely used, security on them will increase. There are some QR reader apps out there that have features built in to monitor malicious code. That can save you a headache or worse in the future.

Related Reading  Tips to Avoid the Web(cams) of CyberCrime

Don’t just click “accept” on a QR scanned site. QR codes can install contacts, send emails, access bank information, add a preferred wifi network, and much more but you have to allow those permissions first. Make sure you’re reading what you’re agreeing to before actually saying “yes.”

Finally, you want to make sure you’re monitoring your bank, email, and social media accounts. If something looks a little fishy, shut it down. If you don’t know how to shut it down, a quick internet search can walk you through almost anything.

Final Thoughts

QR codes aren’t going away. They shouldn’t have to either. A little code on a table is a great way for us to access information quickly and safely, as long as we’re being proactive about what we let into our devices.

Keep an eye out, and, as always, stay safe out there.

Photo by Markus Winkler on Unsplash

 3,313 total views,  2 views today

(Visited 1 times, 1 visits today)

15 thoughts on “The QR Code Concern

  1. Greg, i’m sure glad you asked that question because I’ve always wondered what QR means; now we (all of us) all know.

  2. I have to agree with comment #3 (Peter says), Went to the Android App store, and 56 QR readers pop up. Have no idea what is good, bad, or just a scam. The author could have suggested a couple of good ones.

  3. Where I have used them are places like Whataburger (large burger chain in the South and East), Chick-Fil-A, and others that have programs where you earn points each time you buy and get a reward when you get so many. Similar to the reward program at Starbucks.

    One restaurant I frequent just went to the QR menu. They do have the printed one as well for those who don’t and can’t use the QR one. I used the QR one, but it is not as easy to scroll down to find what you want as opposed to looking at the low tech printed one,

  4. What about a situation where you feel quite secure in scanning a QR code at restaurant you think you can trust?
    The problem is the QR code displayed on a card on the table has had a sticker perfectly aligned over it, displaying a completely different QR code. So you don’t get to view the menu, but has the damage already done in so far as your payment details have by now been compromised to charge whatever? Just wondering what benefits can be obtained by a scammer this way?

  5. This assumes that everyone has a smartphone. Edward Snowden doesn’t; GCHQ people don’t; I don’t – and no one concerned about their privacy and security should.

    So QR codes aren’t acceptable for this reason alone: they shut a significant portion of the community out.

  6. If a wait staff asks me to scan a code to see the menu, I get up and leave. You can’t live your life via the cell phone. Show me the menu, fool!

  7. You are right, it seems to be a cobbled together article without much research andr help to the reader.
    “There are some QR reader apps out there that have features built in to monitor malicious code.” but not a single example of such an app.
    Very poor journalism.

  8. If they are going to print a QR code they might as well also print the URL of the menu.

    I also don’t blindly follow short URL links. At a minimum I will google the link URL and see if it checks out as legit.

    RE: the parking lot lady…

    Really? You aren’t going to finish describing the possible abuses of what her QR code actually does instead of paying her parking? Maybe instead of the small parking fee it is a spoof site collecting payment details to later charge much more? Maybe it links to a recurring charge that takes the same amount as the parking fee until cancelled? There are so many possibilities, but you only draw half the picture in the article.


  9. I get so many unwanted texts trying to sell me things. Would this QR code tract my phone number so I would get more unsolicited texts? I am 79 years old and can’t keep up with technology even though I love it.

  10. I wouldn’t scan the QR code to get a link to the menu. It seems fishy. Just give out the url of the web site! Or, have a sign on the table asking customers to text a specific number to get a link to the web site.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.