Safeguarding Yourself from The Surprising Dangers Lurking Behind QR Codes

/

Malicious QR Codes are Hidden Everywhere  

QR codes have become a common part of everyday life. They can be found in restaurants, parking lots, social events, product packaging, and even in unexpected places, like on modern gravestones. It is understandable, after all, that they are easy to use and very practical. We are so used to seeing them everywhere that it is easy to overlook the risks they can carry. According to the Anti-Phishing Working Group (APWG) in its Q1 2025 report, over 1.7 million unique malicious QR codes were detected by cybersecurity researchers, along with “an average of 2.7 million emails with QR codes attached daily”.


How Does a Malicious QR Code Function?  

QR codes work by encoding information into a square pattern that can be read by a scanner or camera. This information can include a URL, text, or contact details. QR codes are fast, reliable, and capable of storing much more data than traditional barcodes. However, because the content is encoded within the pattern, attackers can exploit this to hide malicious links or actions. Some devices and apps show a preview before opening a link, but not all do, and users often do not inspect the preview carefully, making QR codes a useful tool for phishing and other malicious attacks. 

QR codes Can Be Exploited in Various Different Ways 

1. Phishing Campaigns (Quishing) 

Attackers can embed URLs in QR codes that redirect users to phishing sites designed to steal personal information, login credentials, or financial details. Since users often do not see or carefully check the URL before opening it, they may not realize they are being directed to a fraudulent website. This tactic is widely used because of its high effectiveness. 

2. Malware Distribution 

QR codes can also direct users to websites that prompt users to download malicious software onto their smartphones or computers. If users proceed with the installation, the software can infect their devices with malware. Although most devices require user permission to complete the installation, attackers often rely on social engineering tactics to overcome users’ caution. 

3. Fake Payment Requests 

Scammers can create fake QR codes or replace legitimate ones in public places (known as QR code tampering), to redirect payments to their own accounts. This method is commonly used in situations like parking meters, charity donations, or sending them via email or chat, tricking victims into unknowingly sending money to cybercriminals. 

5 Quick and Easy Steps to Take in Order to Safely Scan and Verify QR Codes 

There are 5 steps that one can easily and quickly take to better safeguard themselves and their data against Malicious QR codes.  

1. Inspect The QR Code Source 

Before scanning a QR code, make sure it comes from a trusted source. Be cautious of codes found in public places that look out of place, are poorly printed, or appear to be stickers placed over original codes. Watch out for posters or messages with QR codes that try to grab your attention or offer something that seems too good to be true. 

2. Verify the URL Before Clicking  

Most modern smartphone cameras display a preview of the link or information encoded before opening it, allowing users to review what type of content is behind the QR code. Before clicking any links, always take a moment to verify the URL is legitimate and a trusted website and not an imitation with misspellings or suspicious characters. Be cautious with shortened or unclear links, as attackers may use link obfuscation to hide malicious destinations. If anything looks off, it is safer to type the known URL manually into your browser.  

 In case your device does not display a preview of the QR code, consider installing a camera or scanner app that allows you to view the content before opening it. Always use trusted QR code scanning apps from reputable sources to ensure your security. 

 3. Avoid Entering Sensitive Information 

Never enter sensitive information on websites accessed through QR codes unless you are certain the site is legitimate and secure. Cybercriminals can create fake websites to steal personal identifiable information, login credentials, credit card numbers, or other confidential data. If scanning a QR code opens a form asking for personal details, especially in a public space, consider it a red flag and think twice before entering anything. Always verify that the site uses a secure HTTPS connection and that the domain name is correct and trusted. You can also search for the site online for verification. 

4. Do Not Download Files from QR Codes 

QR codes can take you to websites asking you to download files, especially software or apps. While this might seem convenient, it is a common method used by cybercriminals to install malware. Unless you trust the source, avoid downloading anything it points to. Instead, use official app stores or trusted websites when downloading or installing software. 

 5. Keep Devices Updated and Use Anti-Malware Software 

It is important to make sure that your device and apps stay updated. Those updates often fix security vulnerabilities that cybercriminals could exploit. Additionally, installing anti-malware software adds another layer of security and can help detect and block potential threats before they cause harm. 

Stay Safe and Stay Aware  

Using QR codes to deliver attacks remains a common and growing threat in 2025. This technology has become a part of everyday life, and most people use it without a second thought. That convenience also makes QR codes an easy target for cybercriminals. As technology advances, so do the tactics used to exploit it. That is why staying alert matters. Taking a moment to check a link can help you avoid much bigger problems. 

Author: The Safeguards Consulting, Inc. Cybersecurity Team 

Embracing Connection and Growth through SMPS Palmetto and The AEC Industry: A Reflection Piece from Our Marketing Operations Lead

/

In May 2022, amidst my college academics, at North Greenville University, I decided to kick-start my career early as I began my first internship. The internship was with Safeguards Consulting, Inc., which is a private technical consulting firm based in Greenville, South Carolin, as a Marketing Operations Specialist.  

At this point, you may be wondering what an employee at a physical security firm is doing writing a blog post related to the Society for Marketing Professional Services (SMPS) Palmetto Chapter. Our firm collaborates with AEC firms so that we can work closely with our clients to address their security needs and provide solutions to their critical facility needs as their most trusted advisor. Furthermore, our team has extensive experience with large enterprise systems, whose size and integration challenges offer a unique specialty that we believe will benefit our AEC friends.  

When I first started at Safeguards Consulting, I had limited work experience and little to no knowledge of security and the Architecture, Engineering, and Construction (AEC) industry. However, two years later, I am proud to say that I am now the firm's Marketing Operations Lead and an active member as well as Committee Director of SMPS Palmetto. Over the last three years, I have gained a wealth of knowledge and expertise through my work at Safeguards Consulting. My experience with Safeguards Consulting also influenced my decision to join SMPS Palmetto through my firm in March of 2024.  

Joining SMPS has profoundly changed both my career and my perspective on the marketing and professional services industries. As I reflect on my time spent so far as a member, I am excited to share my positive experience as someone who was new to the industry.  

SMPS's professional development resources have helped me significantly expand my network. I have had the opportunity to make meaningful connections with professionals from various industries. The relationships I have formed through SMPS have also led me to community, invaluable insights, and new opportunities; each of which has contributed to my success in the workplace.  

From the moment I joined, I was welcomed into a vibrant community of marketing professionals who are passionate about their work and dedicated to excellence. The camaraderie and support I found within the SMPS network helped to push myself outside of my boundaries and expand my industry knowledge. Whether attending local chapter events like our monthly Empower Hours, online webinars, or our annual conference, I have had the opportunity to connect with numerous industry leaders and peers who inspire and motivate me. As someone who was new to the industry and still learning how things work, our members have been an excellent resource to me. My relationships with them have helped me develop my networking skills, broaden my knowledge of the AEC industry, gain valuable industry insight, receive useful industry advice, and improve my overall skills.  

Additionally, as a woman in the security industry, it has been particularly refreshing to see and meet so many outstanding women from the AEC industry through SMPS. Additionally, being a younger woman, it is extremely empowering to see so many women in higher-level leadership positions collaborating to advance and grow the industry. The female SMPS members have not only been encouraging, but they have also served as excellent role models and mentors.  

One of the most significant advantages of being an SMPS member is access to an abundance of educational resources and invaluable insights. From proposal expertise and website design advice to navigating AI, SMPS has it all covered with a variety of workshops, seminars, and webinars focusing on the latest trends, strategies, and best practices in marketing professional services. These learning opportunities have not only improved my skills but have also given me the authority to implement innovative approaches within our company. The knowledge gained has been extremely useful in navigating the complexities of our ever-changing industry.  

In addition, SMPS has encouraged me to pursue new opportunities. Several examples include serving on my first industry committee, attending my first solo conference, and joining my first industry organization. All these new opportunities and experiences came to me as a result of my wonderful connections with other SMPS members. Aside from professional development, SMPS has instilled in me a sense of purpose and dedication to giving back to the community. Volunteering for various initiatives and committees has allowed me to give back to the organization while developing my leadership skills. Working alongside dedicated professionals to advance the industry has been both rewarding and empowering. Since March of last year, I have been proudly serving on the Communications Committee. I served as our Communications Committee Co-Director last term, and as of this month, I am starting my new role as Director for the 2025 – 2026 term. So far, it has been a fantastic experience for me, as I have gained valuable knowledge by learning about many new software programs/tools and how an industry committee operates.  

In conclusion, my experience as an SMPS member as a newcomer to the industry has been nothing short of transformative. The combination of mentorship and community, invaluable insights, and new opportunities has enriched my professional life in numerous ways. I encourage anyone in the marketing field, particularly in professional services, to think about joining SMPS or a similar industry organization, especially if they are new to the AEC industry. Additionally, I challenge them to also consider partaking in a volunteer position within the organization to further deepen their connections and growth. This said, accept the opportunity to learn, connect, and thrive in an environment that values growth and excellence. Together, we can elevate our industry and leave a lasting impact.  

I would also like to conclude by thanking my firm, Safeguards Consulting, for sponsoring my membership, our chapter members, and the Communications Committee for welcoming me with open arms, and all the wonderful connections I have made along the way. Thank you for investing in me and my potential.  

Sincerely, 

Parker Stalvey  

Marketing Operations Lead, Safeguards Consulting, Inc. 

Communication Committee Director, The SMPS Palmetto Chapter  

Volunteers Requested for SIA’s VOI Steering Committee to Aid SPARC

/

We are proud to share that our Founder, Mark Schreiber, along with our firm, is honored to support the collaborative partnership between the International Association of Professional Security Consultants (IAPSC) and the Security Industry Association (SIA).  

SIA Creates the Voice of Industry (VOI) Steering Committee 

One key function related to this partnership is Schreiber’s participation in the SIA Voice of Industry (VOI) steering committee supporting the SIA Security Practitioners Advancing Real Conversations (SPARC) community, which is designed to better serve and support their end-user and security practitioner members. 

Who Makes Up the Security Practitioners Advancing Real Conversations (SPARC) Community? 

Also known as the SIA Technical End User Forum, this community brings together large end users and security practitioners.  

Its mission is to empower technical professionals by fostering a diverse support network that advances the security technology industry while actively participating in technology standards and compliance. Their members also benefit from vendor-neutral guidance, the latest research insights, and access to a wide range of training and networking opportunities.  

Their Technical End User Forum is also founded upon 3 bodies/committees: 

Membership: Offers opportunities for networking, group benchmarking sessions, personalized benchmarking, and engaging in face-to-face meetings. 

Voice of the Industry: Facilitates discussions with manufacturers, integrators, and specifiers to address industry needs, challenges, and expectations. You can learn more about this committee in the section below...  

Support Services: Delivers subject matter expert assistance for key industry products and actively participates in standards development and technical compliance initiatives. 

Some of the big names that are volunteer leaders within the SPARC committee are: + Jonathan Aguila, Meta (Executive Sponsor; Member, SIA Board of Directors and Executive Committee) 

+ Bobby Louissaint, Meta (Chair, SPARC) 

+ King Lam, Apple (Vice Chair, SPARC) 

+ Ruben Aceves, Microsoft 

+ Joe Gittens, Meta 

+ Dan Glick, Twillio 

+ Josh Heisler, Amazon 

+ David Hernandez, Disney 

+ Derik Hernandez, Meta 

+Philip Jang, TikTok USDS 

To explore SPARC in greater detail or if you would like to join, visit to learn more:  

SPARC: SIA's Technical End User Forum - Security Industry Association 

What is the Voice of Industry (VOI) Steering Committee, and What Do Their Members Do?  

The committee’s role is to offer industry insights to the Security Practitioners Advancing Real Conversations (SPARC) community upon their request, delivering supplier, vendor, and solution provider expertise in an unbiased, vendor-neutral way. Additionally, the committee contributes by creating white papers to further support and enrich the SPARC community. 

To learn more about VOI in detail, visit:  

VOI-Structure.pdf 

Why and How to Sign Up to Volunteer? 

You may be curious about the significance of volunteering and participating in an industry committee, not just for the benefit of the industry, but also for your personal career growth. To shed light on this, Schreiber offered the following insight from his own experience: “End Users do not have many forums to discuss their technology operations challenges, and the SPARC group provides a trusted venue for these discussions.  Being a volunteer for the SIA VOI allows industry suppliers to hear about these challenges that are amplified by SPARC and assist in advancing the industry to meet the needs of the end users.” 

Volunteer and Further the Industry  

We hope you will join us in supporting their efforts by volunteering on a committee with us or by sharing their volunteer opportunities with your network!  

To learn more about the volunteer opportunities or to sign up, visit:  

Volunteers Wanted! Join SPARC's Voice of the Industry Community - Security Industry Association