Beware of QR Phishing Scams

Beware of QR Phishing Scams

February 21, 2024

What are QR Codes?
QR codes, also known as Quick Response codes, are two-dimensional barcodes that are scannable through a
smartphone camera or app. QR codes can hold information like links or files such as a menu at a restaurant or used
to make payments, request public transportation, ticketing booths, etc. They also frequently show up on marketing
campaigns to direct you toward a website on your mobile device or to share more information about a product.


What is QR Code Phishing?
QR code phishing has been steadily gaining popularity among cybercriminals, with QR code phishing campaigns
increasing by 2,400% since May 2023. Hackers are using QR codes to trick people into scanning a QR code that
leads to a fake website that may look identical to a legitimate one to obtain sensitive data or download malware. A
QR code phishing attack can come from many different sources including an email, text, or even a physical
document.


QR code phishing can vary in its results. Some hackers will attempt to trick users into entering personal information
or credentials, whereas another scam might involve launching a fake payment site. However, all QR code scams are
trying to get victims to scan the QR code to then navigate them to a fraudulent site.


Tips for staying safe
It’s important to stay vigilant about potential scams. Some best practices for reducing your risks with QR code
phishing are included below:

• Verify the source
Confirm the QR code is coming from a reputable source.
Double check with the sender if it’s from.

• Show caution towards unsolicited QR codes
Don’t scan QR codes from strangers.
Be wary if a QR code site asks for personal information, login credentials, or payment.

• Preview the link
Review the preview of a link to make sure it’s leading to a legitimate site.
Shortened links may be hiding a malicious URL.
Make sure the website uses HTTPS rather than HTTP.