Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Kiplinger
Kiplinger
Business
Jamie Feldman

QR Code Scams: What To Know Before You Scan That Little Box

Illustration of a scan-me icon with a QR code on a white background.

QR codes emerged as a popular tool during the COVID-19 pandemic in restaurants, to pay for items and exchange funds, and even to board a flight. Our smartphones are equipped with technology to scan these codes, making them easy to use — as well as manipulate.

According to a recent  Federal Trade Commission (FTC) report, scammers have taken to using these seemingly harmless QR codes in “countless” ways to obtain information from unsuspecting victims by inserting harmful links inside them.

“A scammer’s QR code could take you to a spoofed site that looks real but isn’t. And if you log in to the spoofed site, the scammers could steal any information you enter,” according to the report. In another situation, “the QR code could install malware that steals your information before you realize it.”

How to spot QR code scams

In its report, the FTC shared some circumstances under which the QR code that you are about to scan could potentially be bogus. The fraud can be carried out in person and/or sent through your phone. It can involve scammers who:

  • Cover up legitimate QR codes on parking meters and replace them with their own bogus codes.
  • Pose as delivery service people during the holiday season who falsely report an issue with your order or delivery.
  • Falsely claim there is suspicious activity with one of your accounts and that you need to re-enter or change your information. 

It’s an especially vulnerable time of year with the holidays and an uptick in shopping, deliveries and expenditures. Scammers are all too keen to take advantage of these facts, as noted in a recent Visa scam alert.

“Crooks prepare all year for the holiday shopping season, taking advantage of increased activity and consumers who let their guard down [while] searching for the perfect gift,” Paul Fabara, Visa chief risk officer, said in the alert.

Kiplinger recently reported on a number of other consumer fraud alerts this time of year. These include a package delivery scam targeting shoppers, as well as a warning about scammers pretending to be from your utility company

There's also a new artificial intelligence (AI)-based voice cloning scam that has regulators scrambling for solutions. Fraudsters are using AI technology on phone calls to trick people into believing that, for instance, there is an emergency involving a loved one that requires urgent action.

What to do

It’s important to stay especially diligent this time of year as you may see even more QR codes than usual — legitimate and otherwise.

The FTC recommends you take steps such as:

  • Inspecting a QR code before opening it, especially if you see it somewhere unexpected. “If it looks like a URL you recognize, make sure it’s not spoofed — look for misspellings or a switched letter,” the FTC said.
  • Being wary of QR codes delivered through email or text, especially if they are marked as urgent. The agency recommends that you contact the company directly through its email address or listed phone number to see if the message is legitimate.
  • Ensuring that your phone is up-to-date with protective updates and use strong passwords and multi-factor authentication for your accounts.

The FTC also encourages people to submit a report if they believe they were scammed or think they have seen a scam.

The agency said it will share reports with more than 2,800 law enforcers and, while it cannot resolve individual reports, it uses them to investigate and bring cases against fraud, scams and bad business practices.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.