QR code malware – threat or histeria?

QR Code malware, threat or histeria?

While driving to my destination I was able to pick up the end of a BBC report about the dangers of using QR codes from a smartphone, Android devices in particular.

The story intrigued me on account of the fact that this was an old news item, released about a year ago among the various online techie channels, when Kasperky Internet Security labs detected a threat from a Russian site.  Scanning the code in question enabled the downloaded of a Trojan on your phone which in turn then fired hundreds of premium rate SMS message, without the user knowing, well at least not until they got the bill, nice!

I am not aware of other major outbreaks of QR code malware since, so it seemed odd that the venerable BBC had to pick this item up a year later. Maybe I missed the start of the piece, or it was just a slow news day and one of their researchers had decided to use a press release from said internet security firm?  We will never know, but the idea that your average Radio 4 day listener would busy himself scanning QR codes,  from their Android phones,  is almost akin to Radio 1 telling its audience that a daring tango move on the dance floor may cause injuries; really too funny for words.  I hasten to say I do like Radio 4, but it was an incongruous news item nonetheless.

The second quick point I feel I have to make is that if you are dumb enough to scan something from an unknown and untrusted source then of course you open yourself up to threats.  This applies to phones, internet browsing and even to non digital activities.  Would you, for example, take a sip from an unlabelled and unidentified bottle?  I think not.  Why should people think that it’s OK to do so online remains one of those unsolved mysteries of life.

This, by the way, is more or less what the presenter in question also said (comparing it to crossing the road, to bring the analogy closer to its audience, I guess!).  So if you still have any doubt, do treat QR codes with the same respect as you treat URLs and don’t start filling up your mobile phone with loads of security software either.  If you can’t cope with the age of fast communication, quick decisions and exhilarating opportunities (as well as threats),  sell your smartphone and buy yourself a notepad and a pen; typewriters I am afraid are no longer being made, but that was last week’s story (probably to be repeated a year hence on Radio 4?).


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s