Click for Philadelphia, Pennsylvania Forecast
Loading
Print This Issue
Subscribe:
E-Almanac

Mobile
Version
rss
RSS
Feed
Print This Issue
Printer
Friendly
Print This Issue
Email
Page
Calendar
Almanac Between Issues
Latest Issue
Past Issues
Deadlines
Place Ad
Penn Directory
FAQs
One Step Ahead
PDF
Print Issue
February 12, 2013, Volume 59, No. 21

OSA

Another tip in a series provided by the
Offices of Information Systems & Computing and Audit, Compliance & Privacy.

Be Aware of QR Code Risks

Most of us are familiar with Quick Response (QR) codes—the two-dimensional bar codes that contain a link to a website and can be read by smartphone cameras with supporting apps. (An example is provided below.) These codes make it possible to reach websites through the simple action of scanning.  However, did you know that in addition to providing this new level of convenience, QR codes can present significant risks?

For example, imagine that you’re walking by a poster advertising a movie, and you notice that it includes a QR code.  Since you’re interested in the movie, you pull out your smartphone and scan the code—only to arrive at a blank url. What you don’t know is that the QR code is in fact a sticker attached to the poster by a fraudster. When you scanned the code, a malicious program was installed on your phone; it is now sending premium texts to out-of-country numbers and racking up substantial charges on your phone bill.

One way to avoid QR code risks—such as installation of malware, or connection to phishing sites—is, of course, to avoid scanning them. Instead, you can use a trusted search engine to find information or type in known web addresses yourself. 

However, if you do choose to use QR codes, here are some tips from the Get Safe Online organization for using them safely:

  • Be sure that any QR code reader app you download is from a trusted source.  
  • Be aware that some commonly-available QR code readers include the ability to check the authenticity and safety of destination websites before you are taken there. 
  • When possible, check visually for any indications that a QR code has been tampered with (for example, replaced by a sticker). 
  • Never enter personal information on a website to which you have been directed from a QR code.
  • For more information visit https://www.getsafeonline.org/smartphones-tablets/qr-codes/

 

 
Almanac - February 12, 2013, Volume 59, No. 21