QR codes are easy to use, and an irresponsible scan may expose you to phishing or malware. This is a simple routine that should be used anytime to be safe. First, inspect the code. Do not use QR codes on stickers that will be overlaid on other codes, on random flyers, or in spam messages. In case it seems to be played with or it is found in a strange location (elevator walls, poles on the street having no obvious owner), leave it alone. Then you can either use that inbuilt camera on your phone with link preview enabled, or a trusted QR app that allows you to view the URL preview before accessing it. Once the connection is established, read it thoroughly: spellcheck and look at the presence of the https prefix as well as the domain name should be the brand (i.e., not example-security.com but example.com). When it requests that you log in, pay or enter personal information, pause and instead use either a manual search by typing the official site in your browser or using the app belonging to the brand. Do not download apps, APKs, or files through a QR code. In case of scanning on a shared Wi-Fi network, enable a VPN to encrypt the traffic, and make sure that your phone OS and security software are updated. In case you open something suspicious by mistake, shut the page, delete the browser history, and do not write anything.
