Two-thirds of consumers don't know what a QR code is, and just 19% of UK consumers have ever scanned one. But with more and more businesses and marketers experimenting with QR codes, awareness and usage are almost certainly going to be rising.

That means one things: QR codes will increasingly be a viable target for hackers and criminals. In fact, according to antivirus vendor Kaspersky Lab, they already are.

In one recent incident in Russia, a QR code was used to drive unsuspecting victims to an Android malware app that sent SMS messages to a premium rate number. This, of course, provided a means for the individual or individuals behind the malware to profit at the expensive of their victims.

Needless to say, this won't be the first or last incident we hear about involving QR codes and malware.

In fact, QR codes are arguably a wonderful tool for hackers and criminals. Users can't see where a code will take them before they scan it, and as consumers get more familiar with seeing them advertisements in the physical world, we can expect savvier criminals to bring their exploits to the real world.

For instance, a criminal could plaster legitimate-looking ads featuring a malicious QR code onto a wall, billboard, or other physical medium, easily exposing it to thousands of potential victims on a daily basis. Specific attacks are already being imagined.

Obviously, nobody should panic. Malware isn't going to kill QR codes. But if they are going to go mainstream in a big way, malicious codes are going to have to be dealt with sooner rather than later.

Already, major antivirus software vendors offer mobile antivirus solutions, but it's unclear how effective most of these really can be.

If the recent incident highlighted by Kaspersky Lab is any indication, the market for mobile security is going to need to change, and quick.

Patricio Robles

Published 21 October, 2011 by Patricio Robles

Patricio Robles is a tech reporter at Econsultancy. Follow him on Twitter.

2647 more posts from this author

You might be interested in

Comments (4)


James Robertson, Web Marketing Manager at

Interesting; I experiment with QR codes but in a mobile aware environment (a University) one I published on a very highly trafficked TV screen (in a campus-centre coffee house) got 3 scans in 3 weeks - and 2 of those were me and my assistant!

I think the critical failure here is the fact that you cannot see where they will take you - that coupled with the extremely low awareness makes me think they are a "surpassed technology" - in the sense that by the time the mass market is ready for them, better, quicker and easier technologies will be commonplace...

... - such as the "ufurl" - userfriendly URL that is; in fact, even though I am a technophile it will still take me less time to go to than to start the scanning app, scan the code and then go online....

almost 7 years ago


SEO Berkshire

Hmm, this is a hard one to predict when you consider the function of QR Codes. You must also remember how up to date the world is with QR codes as a technology.

almost 7 years ago



I think QR Codes will kill QR Codes, not malware

almost 7 years ago



almost 7 years ago

Save or Cancel

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Digital Pulse newsletter. You will receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.