Phishing campaign authors will love this. It normalizes users scanning barcodes they can’t read to go to unknown locations on a device where it’s harder to see the URL and there’s no IT watching for phishing activity.
Exactly my thoughts, too. QR codes are a great tool, but also an incredibly valuable and opaque vector for scams.
The was one recently where they put scam QR stickers over parking payment signs, so users gave their credit card details to scammers. How are you supposed to catch that, as the end user? It’s not like you know the URL you’re supposed to be going to.
Normalizing scanning QR codes just to access a website is going to be abused by scammers in no time.
Phishing campaign authors will love this. It normalizes users scanning barcodes they can’t read to go to unknown locations on a device where it’s harder to see the URL and there’s no IT watching for phishing activity.
Exactly my thoughts, too. QR codes are a great tool, but also an incredibly valuable and opaque vector for scams.
The was one recently where they put scam QR stickers over parking payment signs, so users gave their credit card details to scammers. How are you supposed to catch that, as the end user? It’s not like you know the URL you’re supposed to be going to.
Normalizing scanning QR codes just to access a website is going to be abused by scammers in no time.