Malware

Malware (malicious software) encompasses software designed to harm computers and smartphones: viruses, ransomware, spyware, trojans, and adware. Infection leads to data theft, device locking, unauthorized ads, or remote control.

QR codes are increasingly exploited as malware distribution vectors. Attackers overlay fake QR code stickers on legitimate ones or embed malicious QR codes in phishing emails, directing scanners to malware download pages or phishing sites.

QR code malware attacks are particularly dangerous because URLs are invisible before scanning. Browser address bars reveal suspicious domains, but QR codes open pages before users can verify URLs. URL preview features help, but shortened URLs obscure actual destinations.

Countermeasures include checking public QR codes for overlay stickers, verifying domains after scanning, refusing unexpected app installation prompts, and keeping OS and browsers updated. Organizations distributing QR codes should use HTTPS with recognizable domains and avoid URL shorteners.