Skip to content

QR Code Scams

    QR codes have been around for over 25 years however 2020 saw an increase in usage due to the coronavirus pandemic. According to eMarketer, QR code scans nearly doubled to 25% in 2020 up from 13% the year prior as they made looking at menus, product information, services, events, and much more a lot easier as people just scanned the QR code without touching anything that could be contaminated. It is also estimated that QR code scanning will increase by more than 19% to 99.5M in 2025 from 83.4M in 2022.

    Scammers have realized that QR codes have become very popular which is why they are taking advantage of the QR code technology to scam people out of money or to steal their identity.

    How Do QR Scams Work

    Anyone can create a QR code by using a number of free online tools. This makes QR codes easy for businesses to use but it’s also easy for scammers to take advantage of them.

    To create a QR code, businesses can go to an online QR code generator and input the URL to which they want to send customers to. The QR code can take customers to concert events, restaurant menus, surveys, local government websites, coupon, or deal websites.  There are no limits to what you can do with a QR code and the scammers know this which is why they are using them to exploit people.

    What Happens If You Scan A Fake QR Code

    You could be taken to a phishing website

    Scammers create sites that look convincingly similar to what you expect, and then they ask for your sensitive information. But anything you enter including name, contact information, and credit card number goes to the scammer who will use the information to steal all your money or even worse sell your identity on the black market to other scammers who will use it to scam more innocent victims

    Your device could be infected by malware

    QR codes can also download malicious software onto your devices such as malware, ransomware, and trojans. These viruses can spy on you, steal your sensitive information  or even encrypt your device until you pay a ransom

    Latest QR Code Scams

    Here are some of the latest QR code scams used by scammers to try and steal your money

    Fake QR Codes Sent In Phishing Emails

    Be cautious of any QR code that is sent in an email. These scams typically entail receiving an unsolicited email that contains a QR code needed to “view” a document, invoice, picture, or something else that is enticing to the recipient.

    For example, scammers will often send “failed payment” emails that include a QR code. These scams also claim to come from a retailer you trust, like Amazon. The email will claim that a recent purchase of yours didn’t go through and that you need to scan the QR code to complete the transaction.

    Don’t scan QR codes that are sent to you in emails. If you think an online purchase didn’t go through, log into your account directly on the company’s website instead of using a QR code.

    Fake QR Codes For Surveys, Free prizes, Coupons

    This can involve the scammer sending you an email that includes the QR code or they may send the offer through the post which temp you to scan the QR code to win a holiday, complete a survey, win a prize or get free coupons. If you receive an offer like this from someone you do not know asking you to scan a code be very careful as it may take to a criminal, or phishing website or try and install malware, or viruses on your device.

    QR Code APP

    Cybercriminals are developing QR code apps that you can download from the Google play store or Apple store for free to scan QR codes. Cybercriminals are using the free app you have downloaded to take you to the malicious or criminal website when you scan a QR code use the app. They also may try and install malware or a virus on your device via the QR code

    Do not download a free QR code app to your mobile, or tablet device. We recommend you use the built-in QR code included with your phone.

    Social Media and WhatsApp

    Scammers are also making use of social media including Facebook, Instagram, TikTok, and more to distribute and convince people to scan QR codes online with offers of free prizes, and coupons, share this QR code, Scan here to see a great photo or video. As you can imagine scammers will come up with all types of tricks to steal your money or your identity.

    If someone online you don’t know asks you to scan a QR code don’t do it. Any QR code in a social media direct message (DM) should be treated with caution

    Cryptocurrency QR code scams

    Scammers trick you into thinking you’re either getting in on investment or need to pay a fine using cryptocurrency. They’ll send you a QR code that opens a payment processor which enables you to convert your money to Bitcoin, Ethereum, and other cryptocurrencies.

    Another common cryptocurrency QR code scam involves a fake investment opportunity. These scams often happen on social media or dating sites. Again, the scammer uses a QR code to direct victims to an official-looking site that includes information on how to send them cryptocurrency.

    How To Protect Yourself from Fake QR Codes

    Not all QR codes are scams and are used by legitimate businesses to provide you with easy access to information about the services they offer however with any technology there will be people who will use it to exploit people in order to steal your money or you’re personal identity.

    Here are a few rules for using QR codes safely which may protect you from scammers.

    Look for signs of tampering

    Scammers will often replace legitimate QR codes with their own fraudulent ones. Check to see if the code is on a sticker above another one, or if there are signs it has been tampered with.

    Preview the URL before following the QR code

    Your phone will tell you the destination to which a QR code is trying to send you. Check the URL to see if it seems safe (or ask a member of the staff if you’re in a restaurant). If the URL is shortened and unreadable, do not recommend you click on the link

    Check the destination site for signs that it’s a phishing scam

    Look for signs that you’ve landed on a fraudulent website including misspelled words and typos, unprofessional design and low-resolution images, and unsecure URLs. “Secure” sites use HTTPS (not HTTP) and will display a padlock icon near their URL.