Scanning Unknown QR Codes

Before scanning an unknown QR codes, take a pause. You know QR codes, those square, blocky codes you scan with your iPhone’s camera to load a Web page, have become ubiquitous. So much so that we seldom pause before scanning any QR code we see. But if you think about it, that’s the same as clicking random links in emails or texts, which is a terrible idea from a security perspective.

“Quishing”

“Quishing” (QR code phishing) isn’t commonplace yet, but some sources say there are thousands of cases per month. To avoid falling victim to a quishing scam, only scan QR codes from trusted sources. To verify what a code will do once scanned, evaluate the yellow URL preview Safari provides on your phone. See the picture below and you can probably figure out where it might lead you. Finally, always install iOS security updates promptly because they often address vulnerabilities that could be exploited with malicious data. Read this article to get more in-depth with quishing.

You can also check out these previous articles – Help My Account has Been Hacked! and Audit Your Trusted Device List.