Infected QR Codes

News has been spreading over the internet that some malicious QR codes have viruses that have caused problems for some users in the UK.

Kaspersky Laboratory warned, “People should be careful the next time they scan a QR code, it might just cost them money and wreak havoc on their smartphones.”

Understand that QR codes themselves do NOT contain viruses or anything that can harm your phone. It is the destinations they take you to and the resulting downloads you approve that can do the damage.

Last month in Russia, consumers thought they were downloading an Android app called Jimm. The app they downloaded actually contained malware that sent messages to premium-rate SMS codes, costing victims US$6 for each message sent.

Tim Armstrong, malware researcher at Kaspersky, said that premium-rate numbers operate similarly to 900 numbers in the US. The four-to-five-digit numbers charge for each incoming text, which costs unsuspecting users a lot of money. Armstrong further said that it is much more difficult to set up such numbers in the US, but cyber thieves will soon be able to do that, and could theoretically attack US consumers the same way they attacked Russians. “Furthermore, these infected QR code destinations can also be used for phishing scams,” he added.

Security experts have suggested that consumers be over-cautious about scanning unknown QR codes.

Make certain they are from a trusted and known source. For example, at Gotcha! Mobile Solutions, Inc. from Dallas, TX, QR codes are generated with a micro security number next to them and this number can be typed in on their website in their “QR Code Security Check” where the creating company can be identified. Also, companies like Gotcha! redirect their codes to be able to provide analytics. This means that any malware reports on their codes can be immediately rectified by their internal security personnel and the infecting codes can be disabled.

Also, as Armstrong noted, there’s an interim step between scanning the code and launching an app, and that step can reveal whether the consumer has been scammed. In other words, if you scan a code that has been advertised to play a video and it begins to do something different, shut down the app that is opening to stop the action.
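The interim check described above can be sketched in code. This is an added example, not code from Kaspersky, Gotcha! or any scanner app: it inspects the text decoded from a QR code before anything is opened and flags the patterns this article mentions (texts to four-to-five-digit numbers, direct Android app downloads, and an action that differs from what was advertised). The function name, action labels and sample payloads are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Four-to-five digit numbers, the premium-rate format the article describes.
SHORT_CODE = re.compile(r"^\d{4,5}$")

def inspect_qr_payload(payload, advertised="web"):
    """Classify decoded QR text and return (action, warnings) without opening it.

    `advertised` is what the poster or ad promised: "web", "sms", "call",
    "app-download" or "text" (hypothetical labels for this example).
    """
    text = payload.strip()
    lower = text.lower()
    warnings = []
    if lower.startswith(("smsto:", "sms:")):
        action = "sms"
        # SMSTO:<number>:<body> and sms:<number>?body=... both put the number first.
        number = re.split(r"[:?;,]", text.split(":", 1)[1], maxsplit=1)[0].strip()
        if SHORT_CODE.match(number):
            warnings.append("text message to a 4-5 digit number (possible premium rate)")
    elif lower.startswith("tel:"):
        action = "call"
    elif lower.startswith(("http://", "https://")):
        action = "web"
        url = urlparse(text)
        if url.scheme == "http":
            warnings.append("unencrypted http link")
        if url.path.lower().endswith(".apk"):
            action = "app-download"
            warnings.append("link downloads an Android package (.apk) directly")
    else:
        action = "text"
    if action != advertised:
        warnings.append(f"advertised as '{advertised}' but would perform '{action}'")
    return action, warnings

if __name__ == "__main__":
    # Constructed sample payloads; example.test is a reserved test domain.
    samples = [
        "https://video.example.test/watch?v=1",
        "SMSTO:12345:hello",
        "http://files.example.test/jimm.apk",
    ]
    for s in samples:
        action, notes = inspect_qr_payload(s, advertised="web")
        print(f"{s}\n  action: {action}")
        for n in notes:
            print(f"  warning: {n}")
```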