Among the many technology impacts of the coronavirus pandemic is a rise in the use of QR codes. Naturally, bad actors are taking advantage of this opportunity and the vulnerabilities of this mobile technology to launch attacks. Security teams need to be on top of this threat.
A research report released by mobile security platform provider MobileIron in September 2020 shows that QR codes pose “significant” security risks for enterprises and end users. The company surveyed more than 2,100 consumers in the US and UK, and nearly half (47%) said they’ve noticed an increase in QR code use. That’s in large part because the codes make life easier in a world in which contactless transactions have become desired or required.
A majority of those surveyed, 84%, said they have scanned a QR code, with one-third most recently having scanned a QR code within the past week. Consumers have scanned codes at retail stores, restaurants, bars, and other establishments, and many want to see QR codes used more broadly as a payment method in the future.
At the same time, the report noted, more people are using their own unsecured devices to connect with others, interact with a variety of cloud-based applications and services, and stay productive as they work remotely. They’re also using their mobile devices to scan QR codes for everyday tasks, putting themselves and enterprise resources at risk, it said.
QR exploitation is simple and effective
Attackers are capitalizing on security gaps during the pandemic, the report says, and increasingly targeting mobile devices with sophisticated attacks. Users are often distracted when on their mobile devices, making them more likely to be victimized by attacks.