
With the resurgence of QR codes, it's only a matter of time until someone starts printing phishing link QR code stickers and sticking them over innocent looking QR codes for restaurant menus and such.



Or people that are placing sticker QR codes everywhere are disabled when someone pulls off part of the alignment corners or other destructive ways to make valid QR codes unusable.

Some of the local city parking lots have switched to mobile app payment systems expecting people to scan QR codes. These have been disabled by making the QR code unreadable.

However, it would also be "easy enough" for people to make a payment system that looks like the legit system, and scam unsuspecting people attempting to pay for parking only to find their cars towed because it wasn't a legit payment.

There are certain things where QR codes are NOT the answer.



This is not a flaw of QR codes, though. If they used a URL or a phone number instead, people could replace it with a phishing one just as easily.


No, it's just a flaw in people using QR codes poorly. Too many people assume the best out of other people which is nice and all in a lalaland kind of way, but in the real world, people actively look to get one over on people. QR codes are just way too susceptible to being interfered with by anyone with just enough knowledge and inclination to do so.

If the app payment system is the way to go (why not? not expensive onsite equipment), then it needs to be something other than a QR code that is easy to manipulate.


The problem is, for most people a QR code is just magic, they don't understand that it's just an encoded URL nor have any understanding of how that can be exploited.


It's not just an encoded URL. It could be any data. If you encode the infamous AV test string as a QR code, you can cause some mischief for things randomly scanning for codes. There was a post here not long ago about it. So they can be way more dangerous than just a Rick-roll or spam redirect.


Why steal the money completely? I bet it would last way longer if you just skim a bit off the top but then use the rest to pay for their parking so they're not towed and don't have reasons to question anything.


Some people print flyers about fundraisers and leave them in the break room at work, where the only identifying information is a QR code.

I don't know if it's a widespread practice - is this how most people get their Girl Scout cookies now?


I suppose it's no less secure than putting a tinyurl or bit.ly into your ad.


I feel the same way as restaurants forcing menus to be QR codes. Now, instead of anonymously reading a menu, you now are forced to read a menu with who knows what kind of tracking enabled to order. Such a stupid stupid thing.


Only a matter of time, but that time is now already.

https://www.bitdefender.com/blog/hotforsecurity/us-police-pa...


How would that work? "Please enter your Gmail password to continue placing an order"?


A gas station near me has stickers on pumps with a QR code that supposedly links to a rewards app. I may be wrong, but I think it says something about paying through the app. Seems perfect for phishing.



