QR codes are going through a renaissance today. All businesses are focusing on how they can protect employees, customers and suppliers during the pandemic by adopting touchless transactions and services to provide a safer, more streamlined buying experience. Fraudsters are quick to capitalize on the opportunity QR codes’ soaring popularity present too. Combining social engineering with QR codes that can be created in a second, fraudsters are using them to open victims’ bank accounts and drain it within seconds, install malware, penetrate entire corporate networks and more.
QR Codes Are the Perfect Threat Vector for Fraudsters
Just as the pandemic has accelerated digital transformation by the necessity of protecting peoples’ lives quicker than any business case could ever match, QR codes’ renaissance is just as surprising to many businesses who had written them off. What makes QR codes such a stealthy, dangerous threat vector is how trusted and misunderstood they are. Of the many surveys of QR code adoption today, MobileIron’s QR Codes: Consumer Sentiment Survey provides insights into why QR codes’ popularity is increasing and the threats associated with them. The study is based on interviews with over 2,100 consumers across the U.S. and the U.K. Please see page 22 of the study for additional details on the methodology.
Key insights from the study include the following:
- 71% of respondents cannot distinguish between a legitimate and malicious QR code and nearly 17% have had a QR code misdirect their mobile device to a suspicious site. While three-quarters of respondents can’t easily identify a malicious QR code, it’s fascinating to see that 67% can identify if a URL is legitimate or malicious. One in five respondents has had a QR code misdirect them to a suspicious site. The majority (60.7%) believe that hackers can target victims with QR codes. The following is a summary of the survey’s findings.