QR codes are a useful tool for many businesses due to how easy they are to create and set up, whilst replacing the need for physical media or copying a URL link. However, there has been a rise in scammers creating fake QR codes to fool victims into visiting malicious imposter websites or downloading malware on their devices.
Kushal Tantry, CEO of QR Code Developer has identified six of the latest QR code scams that are being used by scammers and what to look out for if you suspect you have encountered one.
Parking information and payment scams
One of the most common QR code scams in the UK and US right now involves scammers placing fake QR codes onto parking meters or information signs. This leads victims to a website that looks official but is designed to steal user’s credit card information. People are usually in a rush to pay and may attempt contactless payment without looking for warning signs.
You should avoid paying through QR codes whenever possible, especially in public places. If the fake code is covering up a real QR code in that location, check if the URL is secure and what you would expect to see. Any spelling or grammar errors on the actual site can also determine if it might have been created by scammers.
Posters and information board scams
Other fake QR codes in public places may be found on posters or information boards, especially in town or city centres during the summer season when many events are taking place. These scams tend to target unsuspecting tourists or locals looking for further details from an advertisement, which can lead them to a fake website or malicious download.
Check if the QR code is a sticker that might be covering up and replacing an existing code underneath. It may have been placed in a strange way compared to the rest of the advertisement, showing the code could have been stuck on afterwards. You should also look out for other obvious signs that you are on a phishing website and not the legitimate site, such as spelling mistakes or incorrect branding.
Social media message scams
QR code scams can be found on many social media sites such as Snapchat or Facebook. Hackers may take over one of your family’s or friends’ accounts and send messages containing QR codes, trying to convince you to scan them. Treat any such unusual requests with caution, especially if they are out of the ordinary.
These messages are likely to be worded differently from how the person normally replies or could come from someone you have not spoken to in a long time. If you think someone might have been hacked, be sure to message or call them on their mobile number to verify if these messages are legitimate.
Phishing email scams
Scammers often include fake QR codes in phishing emails that they send to potential victims. This is because people often fail to recognise that scanning these codes can be just as risky as clicking on links contained within unsolicited emails. Examples of this scam include phoney emails from a well-known retailer containing a QR code pertaining to a failed transaction.
It is likely that any emails mentioning failed orders, purchases, or unknown accounts aren’t legitimate, so you should avoid interacting any further with the email or sender. Make sure to check the email addresses for spelling mistakes or errors and contact the company directly through their website if unsure.
Physical mail and package scams
Any advice around unsolicited emails can be applied to anything you might receive in the mail, such as letters or packages. Scammers can use bogus letters to trick you into scanning a QR code through surveys, competitions, or tracking a supposed order. It is unlikely that many legitimate companies would send you a QR code to use in this way.
Any mail used for scams may use urgent or threatening language to get you to act quickly or incentivize you to scan by offering made-up rewards. If the mail appears to come from a company you recognize, be sure to check their website first on your official account or ring their helpline.
QR code scanner app scams
Scanning QR codes is doable via your smart device camera, but some scammers may also try to fool you into downloading a harmful scanner app. This then allows malware to be installed on your device that can steal data and personal details. Be careful when downloading any scanner apps that have strange reviews or have received a lot of ratings in a short space of time.
You can recognize these sorts of malicious apps if they immediately ask you to download a sizeable update after being installed, which is likely to be the malware. Use the official online stores when searching for new apps and check to see if they request permissions that seem extensive for what is needed, such as controlling your screen.
Recent Comments