QR Codes Can Be the Start of a Malicious Hack

Home » Blog » QR Codes Can Be the Start of a Malicious Hack


  • 5.3B codes are predicted to be redeemed by 2020
  • 11M households will scan a QR code this year
  • 71% will not know if it is the start of a malicious hack
  • QR-based coupon codes are among the fast-greatest threat vectors

What are QR Codes?

A QR code is a two-dimensional version of a barcode, typically configured of black and white pixel patterns. They were originally developed for marking components to accelerate logistics processes in automobile production. Today, QR codes are being used for mobile marketing with the widespread adoption of smartphones. QR stands for “Quick Response”, which refers to the instant access to the information hidden in the code.

QR Codes are the Perfect Threat Vector

What makes QR codes such a stealthy, dangerous threat is how trusted and misunderstood they are. With their popularity increasing, the threats associated are too.

MobileIron’s QR Code: Consumer Sentiment Survey identified the following key insights:

  • 71% of respondents cannot distinguish between a legitimate and malicious QR code
  • 17% have had a QR code misdirect their mobile device to a suspicious site
  • In the last six months, 35% of respondents scanned a QR code at a restaurant, bar, or café; 37% at a retailer; 32% on a consumer product

10 Ways a QR Code can Hack Your Mobile Device

  • Add a Contact Listing
  • Initiate a Phone Call
  • Text Someone
  • Write an Email
  • Make a Payment
  • Reveal Your Location
  • Open a Webpage
  • Create a Calendar Event
  • Follow Social Media Accounts
  • Add a Preferred Wi-Fi Network

What this Means for You

Mobile devices are used for everything these days. That being said, they have access to family, friends, social media, finances, and more. Many employees are also using their mobile devices for work – checking email, calendar, and accessing the network. When a phone gets hacked, it has an impact on the individual but also a broader group, such as their business.

The hack could be as simple as redirecting you to a fake login page, which then captures your password. But, it could be as complex as gaining access to your email accounts, from which the fraudster can send emails on your behalf to request bank transfers, admin rights, login credentials, and other sensitive activities.

[What you need to know about Business Email Compromise]

It all comes down to you – take precautions when scanning QR codes. If you are not comfortable with the source, then do not scan it. Don’t let QRiosity get the best of you!

For your business, it is imperative to have a mobile device management plan. This will protect your network from any malicious devices that connect, whether that be employee, client, or otherwise. Better safe than sorry!

VIDEO: Don’t Let QRiosity Get the Better of You

Helping Business Grow

Subscribe To Our Newsletter

Newsletter Signup