A picture is worth a thousand malcious websites

I’ve had quite a few views of my quick post on generating a QR code. QR codes DO have a down side as highlighted in this post from the Internet Storm Center.

These [qr] codes can link directly to browser exploits, or could include other malicious content to manipulate your phone.

As I just confirmed by scanning the code on the ISC page, one of the most popular QR Code apps for the iPhone, Scanlife  does NOT “tell you what URL they are going to open up before they actually load it.” The app immediately loads the page, which is a fairly large security risk. As far as I can tell the app (v3.12 at time of writing) provides no optional setting to view or stop the page from loading once scanned.

Moral of the story, random scanning of QR codes can be quite dangerous so watch yourself.

Advertisements

One Response to A picture is worth a thousand malcious websites

  1. Pingback: Quick & Dirty QR Code Generator Using Coldfusion & cfimage tag « Sid’s FishNet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: