The risk is exactly the same as clicking on a link on the internet. There is no additional risk. You could type the link in your browser manually after decoding and the exact same thing would happen. That's because most QR codes are simple links. The ones that aren't are things like cards, wifi credentials, etc. But most of them are links. You click on them by scanning them. The same mechanisms that make using the internet a mostly safe experience that billions of people enjoy on a daily bases, also apply to qr codes. Because it's the exact same browser that opens them.
So, use common sense here. Links and QR codes are everywhere. And people click or scan them all the time at their own discretion.
This is not like 1995 all over again. All the same protection mechanisms that we've put up since then for links also work for QR codes. There's no real difference between a link I email you and a QR code that you encounter in the wild. You click or scan them and a browser opens and does its thing. I mention email here because email clients typically don't really restrict what you can do with links in them. There's a reason for that: people send a lot of links via email and links are useful. So the fact that some bad actors send people evil links via spam, is not enough reason to disable the feature.
QR codes are just a way to provide links for people to "click". It's not even a new way because they've been around for quite long. The US and Europe are late to this party. Most of the rest of the world already runs on QR codes for quite some time. Especially places like China and Japan.
Ps. I run a company that uses QR codes a lot. They solve a lot of issues for us. IMHO they are severely underused currently.
So, use common sense here. Links and QR codes are everywhere. And people click or scan them all the time at their own discretion.
This is not like 1995 all over again. All the same protection mechanisms that we've put up since then for links also work for QR codes. There's no real difference between a link I email you and a QR code that you encounter in the wild. You click or scan them and a browser opens and does its thing. I mention email here because email clients typically don't really restrict what you can do with links in them. There's a reason for that: people send a lot of links via email and links are useful. So the fact that some bad actors send people evil links via spam, is not enough reason to disable the feature.
QR codes are just a way to provide links for people to "click". It's not even a new way because they've been around for quite long. The US and Europe are late to this party. Most of the rest of the world already runs on QR codes for quite some time. Especially places like China and Japan.
Ps. I run a company that uses QR codes a lot. They solve a lot of issues for us. IMHO they are severely underused currently.