Two-thirds of consumers don’t know what a QR code is, and just 19% of UK consumers have ever scanned one. But with more and more businesses and marketers experimenting with QR codes, awareness and usage are almost certainly going to be rising.

That means one things: QR codes will increasingly be a viable target for hackers and criminals. In fact, according to antivirus vendor Kaspersky Lab, they already are.

In one recent incident in Russia, a QR code was used to drive unsuspecting victims to an Android malware app that sent SMS messages to a premium rate number. This, of course, provided a means for the individual or individuals behind the malware to profit at the expensive of their victims.

Needless to say, this won’t be the first or last incident we hear about involving QR codes and malware.

In fact, QR codes are arguably a wonderful tool for hackers and criminals. Users can’t see where a code will take them before they scan it, and as consumers get more familiar with seeing them advertisements in the physical world, we can expect savvier criminals to bring their exploits to the real world.

For instance, a criminal could plaster legitimate-looking ads featuring a malicious QR code onto a wall, billboard, or other physical medium, easily exposing it to thousands of potential victims on a daily basis. Specific attacks are already being imagined.

Obviously, nobody should panic. Malware isn’t going to kill QR codes. But if they are going to go mainstream in a big way, malicious codes are going to have to be dealt with sooner rather than later.

Already, major antivirus software vendors offer mobile antivirus solutions, but it’s unclear how effective most of these really can be.

If the recent incident highlighted by Kaspersky Lab is any indication, the market for mobile security is going to need to change, and quick.