Jorge Ezeta thinks QR codes are incredibly convenient. He likes scanning them for more information on a product he might want to buy.
He said, "It really helps you make a shopping decision."
While that is helpful, you can't really tell what information is stored inside that code until after you have scanned it. And that can be bad, according to malware researcher Tim Armstrong with Kaspersky Labs.
"There's a danger inherent in using these types of systems," he said. "They can link to malicious websites or phishing pages just as easily as they can link to legitimate information."
Criminals set up the codes so that after they are scanned, the landing page asks you to click a link -- a link that could hijack your phone and your private information.
Armstrong explained, "Links go to all sorts of different other pages where they can collect user details. They can steal information."
You could fall victim to apps that will put your private info at risk. And you won't have a clue.
"The end user thinks they're downloading an instant messenger application or a new web browser for your phone but in fact these are just fake applications that are similar to real app, but in the background they're stealing your data," Armstrong said.
Or sending you a premium rate text message that, when you open to read, results in a five or ten dollars charge.
Armstrong said, "We haven't seen this type of attack until very recently."
Developers are working on protection software, but until that is created, be careful. Armstrong points out that right now, scanning the code isn't the problem -- it's when the code sends you to a link that you need to click that you need to watch out.
"Scan them, see where they go first and then make a decision," Armstrong said. "Be very wary of where these things are leading you. If you see these things out in the wild it may not be the best idea to scan them."
