Many businesses and services have added QR codes to more easily connect consumers to information and links. When scanned with a smart phone, these QR codes take customers to a website. Criminals are using QR code scams to redirect victims to malicious websites designed to steal their information. 

What is A QR Code Scam?

In this scam, a business’ QR code is replaced with a fraudulent code. The cybercriminal’s code sends users to a fraudulent website that steals victim’s data, installs malware on the device, or asks for a payment that goes to the scammer or the business.

Here’s what you can do to protect yourself from QR code scams:

  • If you scan a QR code, check the URL to make sure it looks authentic. Watch out for misspellings or domain names that don’t match the business. Never give out your personal information unless you’re sure of a website’s authenticity.
  • Make sure the QR code hasn’t been tampered with. In many cases, criminals will use a sticker to put their malicious code on top of the business’ code.
  • Never download an app or software from a QR code.

The 9 Latest QR Code Scams

  1. QR code scams on parking meters and other contactless payments
  2. Fake QR codes sent in phishing emails (failed payments, credential phishing, etc.)
  3. Tampered QR codes in restaurants
  4. Fake QR codes sent through the mail (surveys, sweepstakes, etc.)
  5. QR codes on unexpected package deliveries
  6. QR codes at sham COVID-19 testing centers
  7. QR codes sent over social media (hacked accounts)
  8. Cryptocurrency QR code scams
  9. Fake QR code scanner apps that download malware
 
NCDOJ (2022, March 1). Watch Out for QR Code Scams. Retrieved June 14, 2023, from https://ncdoj.gov/consumer-alert-watch-out-for-qr-code-scams/
Aura (2022, December 13). 9 Latest QR Code Scams. Retrieved June 14, 2023, from https://www.aura.com/learn/fake-qr-code-scams