These days, QR codes are a common and convenient way to scan tickets, view a menu, pay for a service, or even board your flight. With so many great uses, it’s not hard to see why QR codes have gained popularity since the start of the pandemic, but unfortunately, they can be used in harmful ways as well. Recently, fraudsters have been using QR codes to hide harmful links that steal personal information.

Want to know how to keep your information safe when using QR codes? We’ve got you covered.

  1. Know What to Look For

Some of the ways that fraudsters use QR codes include covering QR codes on parking meters with their own code or sending you QR codes by text message or email with a made-up reason for you to scan it. Here are some of the ways that fraudsters might try to scam you:

  • they lie and say they couldn’t deliver your package and you need to contact them to reschedule
  • they pretend like there’s a problem with your account and you need to confirm your information
  • they lie, saying they noticed suspicious activity on your account, and you need to change your password

Fraudsters use these lies to try to convince you to scan the QR code and open the URL without suspicion. This code takes you to a fraudulent site and if you log in to the spoofed site, the fraudster could steal any information you enter. Or the QR code could install malware that steals your information before you realize it.

  1. Know How to Protect Your Information
  • If you see a QR code in an unexpected place, inspect the URL before you open it. If it looks like a URL you recognize, make sure it’s not spoofed — look for misspellings or a switched letter.
  • Don’t scan a QR code in an email or text message you weren’t expecting — especially if it urges you to act immediately. If you think the message is legitimate, use a phone number or website you know is real to contact the company.
  • Protect your phone and accounts. Update your phone’s OS to protect against hackers and protect your online accounts with strong passwords and multi-factor authentication.