I have to admit, I haven’t given much thought to QR codes, or how to use them, over the last year. I keep sort of waiting for a reason to really learn what there is to know about them. But, when I saw this post about QR code malware, my mind immediately flashed upon something.
Haven’t we been telling people for years now to always check the URL before clicking links, so that you won’t be taken to a malicious site? Not to click on any links in emails from people you don’t know, not to open unexpected attachments, to type in the URL for their bank or PayPal instead of clicking links, etc.? Doesn’t encouraging the use of QR codes sort of undermine that?
The whole point of QR codes, it seems, is for the end user to scan it using their smartphone, and have information presented to them or be taken to a specific site immediately. In the interest of security, do we really want to encourage that sort of behavior?