Ever since the pandemic, QR codes have been everywhere. From supermarket checkouts to restaurant tables, these boxes let you view menus, download apps and access websites with one simple tap on the screen. They cut down on a huge amount of time and hassle, but beware: a new warning has been issued about these handy scannable graphics, as they're allegedly being misused by scammers and cybercriminals.
The practice, known as 'QRishing', involves the substitution of real QR codes with fake ones which can redirect victims to dodgy website links and even payment pages. If tricked, iPhone and Android users can then find their bank accounts are raided or user names and passwords handed over to cyber crooks.
READ MORE: Millions of Brits fail to spot these online scam red flags - check your browser now
As a result, iPhone and Android users are now being urged to follow four key rules before opening a QR code link on their devices.
Here's what you need to do before loading up a QR code - 4 rules not to ignore:
- Be wary of 'random' codes in public places or anywhere where there's no clear context for it. For example, it's a bad idea to simply scan a QR code you've spotted on the side of the road.
- Check the URL of a QR code before opening it. When you scan a QR code on your phone, a small preview of the link in question usually pops up. Give this a quick glance and maybe look it up online before clicking on it.
- On that note, look up the source of a QR code. That doesn't just mean the link itself, but who placed it there.
- Double check any QR codes related to payments. These are often offered as an easy way to pay for something, even in big chain restaurants like Wagamama in the UK. But you should double check the details of whoever you're sending something to before you transfer any money.
Tech CEO Peter King of AI Product Reviews said: "Creating a counterfeit QR code is alarmingly easy. Criminals unscrupulously place these in public places, from transit stops to restaurant menus, preying on the unsuspecting public."
Over the last year, there have been a number of examples of 'QRishing' including in the UK. For example, a number of drivers have been caught out by fake QR codes in British car parks which redirect victims to scams instead of the official parking payment.