IDG Answers is a community of experts who are passionate about technology. Ask a question or answer one below.
I think your greatest threat is phishing through use of a fake look-a-like website, or using a cloned website to attack reader software or install malware QR Codes could also potentially be used as an attack vector for SQL or command injection on reader software. There have been similar attacks on systems using RFID chips. The nice thing is, outside of a relatively narrow range of tasks, there isn't a lot of need to read QR Codes using your smartphone. The vast majority of QR Codes that are encountered daily are used for advertising and marketing, and while I can't speak for others, I am hit with enough adverts daily without the need to do the companies' work for them, especially if it carries a security risk along with the information. I don't think the level of risk is very high at the moment, but it may be high enough to think about those QR codes before you scan them.