A staggering 3 million Britons have found themselves visiting an untrustworthy site — risking exposure to malware and scams — after blindly scanning a QR code, new research cautions.
Security researchers have studied the British public’s attitude to QR codes, which have existed since the mid-90s but exploded in popularity during the Covid-19 pandemic when restaurants, shops, and pubs wanted to prevent customers from sharing printed menus and other physical items.
Almost three-quarters of Brits surveyed (72%) did not check a QR code before scanning it to launch a dedicated app, app store listing, payment portal, or website. A meagre one in six people were aware that QR codes could be used to proliferate scams, the researchers found.
According to the research, which was commissioned by the security specialists at NordVPN, of the three million Britons who admitted to finding themselves on dubious sites after scanning a QR code, one in six (16%) fell prey to cybercriminals and had their personal data stolen.
QR codes have become a popular way to access hands-free menus, place orders with a smartphone, or sign-in to new Wi-Fi networks in hotels and AirBnBs
GETTY IMAGES
QR Codes were developed by Japanese firm Denso Wave — a division of Denso, which is a subsidiary of automobile giant Toyota — to track parts during the car assembly process. The pattern that makes up a QR code can house a surprising amount of information — up to 4,000 characters of text, as it turns out. This can be used to direct users to URLs, phone numbers, PDF documents, or kickstart a download from the Apple App Store or Google Play Store.
QR codes are sometimes used to authenticate online accounts and verify login details. When launching a new session on WhatsApp Web, iPhone and Android users will need to scan a QR code on their laptop or desktop PC to verify they're the account owner.
In response to the lack of awareness around QR codes, which can be the equivalent of clicking an unknown link in a strange email, NordVPN is urging consumers to exercise heightened vigilance.
Marijus Briedis, Chief Technology Officer at NordVPN, comments: "In our increasingly digital landscape, QR codes have become indispensable for their convenience in various daily tasks, from connecting to Wi-Fi in coffee shops to streamlining orders at restaurants like Wetherspoons.
“However, blindly trusting QR codes can inadvertently expose users to cyber scams. It's vital to approach them with caution and awareness of potential risks.
“To safeguard against falling victim to scammers, there are proactive steps you can take.
“Before scanning a QR code, ensure it originates from a reputable source and verify with the venue that it belongs to them. Also consider using a dedicated QR code scanning app instead of the default camera app for added security measures, as these apps can often detect malicious sites or software.
“If a QR code redirects you to an unrelated or suspicious website, refrain from providing personal information and exit the page immediately. By adopting these precautions, users can enjoy the convenience of QR codes while minimising the risk of exploitation by cybercriminals.”
LATEST DEVELOPMENTS
Gen Z and Millennials are the most avid users of QR codes among all age groups. A third (31.5%) of individuals aged 18 to 34 use QR codes to access public Wi-Fi. Meanwhile, 28% of those aged between 18 and 24 express a preference for QR codes over physical menus in restaurants and pubs.
Over half (56%) of people opt for the convenience of scanning codes directly onto their smartphones using built-in cameras, while just over a quarter (27%) prefer to use a dedicated QR scanning app.
