Security experts say that QR codes could unlock phone to hackers. An insight

Though QR codes are literally everywhere, any hacker can access your sensitive data and your funds and redirect it towards criminal purposes. Here's what you can do to avoid being stuck in a bad QR code scam.

You can find a QR code on literally everything today- right from restaurants, auto rickshaws, kirana stores, and even at the local trains. These black-and-white codes are a business owner's digital business card and even makes for a convenient way to check out menus at high-end restaurants. 

Scanning a QR code has become an addiction of sorts and has become rampant because they are oh-so-convenient and so accessible. 

But but but

They can also be a dream entry point for hackers.

Especially, when they are on public display and shown as advertisements or are stuck as random stickers.

For eg: Just look at the 2022 Super Bowl Coinbase commercial that featured a multi-color QR Code bouncing on the screens. 

More than 20 million people scanned this random code. Though this seemed to be a Bitcoin ad, this ad just proves that we will also tend to scan for codes out of curiosity.  

And this could be dangerous. 

Here's How: So, usually QR Codes or Quick Response Codes are generally easy to read for our phones or camera-equipped devices and once scanned, the information is translated, and users are redirected to a website URL or some app. Since they are so easy to use, we generally scan them without a second thought. 

But in early 2022, an FBI notice mentioned how some cyber hackers began tampering with legitimate QR codes (both physical and digital) and redirected victims to malicious sites, thus stealing their login and financial information. Though we scan a code thinking that it is legitimate, cybercriminals take advantage of this technology by: 

1. Directing QR code scans to malicious sites to steal a person's data
2. They then embed malware to gain access to a person's device and steal their location, and personal and financial information
3. And then redirect payments for cybercriminal uses.

Thus, you need to be cautious when you enter financial information and when you provide payment details to a site that is opened through a QR code.

So how do you exercise caution? 

Since the law cannot guarantee the recovery of lost funds after you have transferred money, here's what you can do:

1. Turn on multi-factor authentication (MFA)

2. Never download apps from QR Codes

3. Don't scan through every other UPI Id. Slow down. 

4. Check for signs of physical tampering or spelling errors. 

5. If you get a QR code on your email, chances are the QR Code might take you to an entirely unrelated website. Beware of spending time on such sites since attackers can create clone URLs and use this website to fish out your information. 

6. Check if the information on the website and the QR Code makes sense. 

7. If you receive a QR code that you believe to be from someone you know, reach out to them through a known number or address to verify that the code is from them.