Quick Response codes or QR codes have been around since 1994, but they have become much more popular in recent years and can be commonly found on parking meters, in restaurants and in advertising. When you can a QR code with your phone, it will take you to a website. Unfortunately as the popularity of QR codes has increased with the public, its popularity has also increased with scammers who are setting up phony QR codes to lure you to their bogus website where they solicit personal information used for identity theft or persuade you to make a payment with a credit card or even in some instances, merely by scanning the phony QR code, you will download harmful malware such as ransomware or even malware that will enable the scammer to take over your email account.
The FBI warned about a dramatic increase in QR code scams in 2022 and the problem is only getting worse.
The most common places where you will find phony QR codes is on parking meters where the phony QR code is put on as a sticker over the legitimate QR code, in restaurants, in phishing emails, on social media posts or on unordered packages delivered to your home.
TIPS
The first step to take to protect yourself is to always check the URL of any website the QR code takes you to that requests a payment or personal information. If the URL does not begin with https, but only begins with http, you know it is a scam. In restaurants, confirm with your server that the QR code is taking you to the correct site and always pay directly in person and never through the QR code. In phishing emails that may appear to come from a legitimate source such as Amazon, refrain from using the QR code and go directly to your account rather than through the QR code. If you receive an unordered package with a QR code to scan for instructions to return it, go directly to your account at the legitimate company, such as Amazon rather than use the QR code. And just like you shouldn’t click on links in social media posts unless you have absolutely confirmed they are legitimate, the same holds true for QR codes in social media. Trust me, you can’t trust anyone.
Finally, there are companies like Kaspersky that have free QR code scanner apps that will not only scan the QR code, but also let you know if it is legitimate and prevent the downloading of malware from bogus QR codes. Here is a link to Kaspersky’s QR code scanner. https://www.kaspersky.com/qr-scanner
If you are not a subscriber to Scamicide.com and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address where it indicates “Sign up for this blog.”