[Reading time: 2 minutes]

Do you remember when restaurant menus posed a serious risk to public health?

During the Covid lockdown(s), many restaurants replaced their printed menus with QR codes, due to fears that customers would catch ‘The Covid’ from touching their menus*.

When you were shown to your table, a staff member would tell you to download the menu using the restaurant’s QR code. The QR code would usually be displayed in a prominent position – e.g. stuck to the table or on a poster on the wall.

A QR code is a handy alternative to typing in a website URL. Point your phone’s camera at the QR code and it will bring you to a specific web page.

They are everywhere – bus stops, newspaper advertisements, public toilets (Don’t ask..)

While QR codes are handy, they are also hazardous.



Because, criminals know that we will never click a link to a dodgy website, but we will trust a QR code that will bring us to that same dodgy website.


So what?

It is now a common occurrence to see malicious QR codes stuck to walls, or even placed on top of genuine QR codes. It doesn’t take a criminal genius to work out how to use a sticker.

If you scan the malicious QR code, you will be brought to the criminal’s website. Once there, you will be encouraged to reveal your bank card details. Alternatively, you may reveal other personal data that could be used for a future attack.

The Mail on Sunday discusses some recent scams, including the threat posed by parking meters in the Isle of Wight. The article also including advice from Stephen Burke of Titan HQ**.


Tl;dr – Be careful with QR codes. They can’t be trusted.


* If there are any restaurant owners reading this, that time has now passed. Please bring back real menus. But please try to clean them now and again, so your menus don’t continue to pose a serious threat to public health.

** Not only is Stephen Burke a security expert, he is also a fellow resident of County Kildare, Ireland’s Silicon Valley of.. people who talk about cybersecurity.