Beware of QR Code Scams

QR codes are everywhere...menus, posters and ads, paper tickets, flyers, and more. True to form, scammers have found they can leverage QR codes to steal your money. Some examples:

• QRs that lead you to a malicious web site to infect your device
• QR stickers on parking meters
• Stickers covering valid QR codes leading to a fake third-party "payment" site to capture your credit card
• QR codes used to hide fake or misspelled web sites
• Fake payroll QR codes

Cybersecurity company Trellix found over "60,000 samples of QR code attacks" in just Q3 2023.

Protect Yourself

• Verify the QR code is for the correct web site before opening the site (most cameras will show you the URL)
• Double check for switched letters or misspellings
• Be suspicious of QR codes sent via email (they could have simply sent a link instead)
• Be suspicious of emails that create urgency (account expiration)
• Be suspicious of unexpected contest-winner texts or emails
• Be suspicious of any QR that asks you to log in

Overall, if you know the web site, just type it in to your browser's address bar yourself rather than clicking a link in a text or email.

January 2024

Send this article to a friend!
Subscribe to The ITS Connection

Related articles

• Scammers hide harmful links in QR codes to steal your information (FTC)
• FBI Tech Tuesday: Building a Digital Defense Against QR Code Scams (FBI)
• Return to article list