The Internet of Things (IoT) is the expansion and extension of the traditional network. It is a network that connects goods and objects, which has been widely used in today's social development process. It occupies an important position in various industries. The emergence of the Internet of Things has greatly improved the refinement level of human management. The QR code (Quick Response Code) is a part of the perception layer of the IoT, which belongs to the perception and recognition technology of the IoT. The QR code not only brings convenience to users but also becomes the carrier and disseminator of malware, phishing, and other attacks. Therefore, it is of great significance for the security of the IoT to understand the potential threats of the QR code, analyze its potential attack methods, and put forward defense plans. This paper briefly introduces the basic characteristics of the QR code, as well as some attack methods and potential threats against the QR code, and put forward some preventive measures from both technical and non-technical aspects. The technical aspect includes the combination of cryptography and the introduction of third-party management. The non-technical aspects are discussed at the national and individual user levels.