The use of QR codes has become more common in the last decade as they provide an easy way to connect with apps and web pages quickly.
However, this trend is now being exploited by some scammers, as it makes it much easier to direct people to a fake webpage without them realizing it.
In a report by the Better Business Bureau (BBB), the experts warn that there has been a sharp increase in scams involving QR codes, particularly in phishing schemes.
The scams are continuing to take new forms and are often used to direct users to phishing websites, fraudulent payment portals, or downloads that infect devices with malware.
How do QR code scams work?
QR codes are commonly used by scanning with the camera of a smartphone. This can direct the user to a package tracking website, restaurant menu, relevant app, and more.
Despite being an incredibly useful tool, it has created a new risk for consumers. Criminals have found it to be an effective tool for running scams as, unlike a link, it’s not clear if it’s genuine.
Some users have reported receiving an email, text message, letter, or other correspondence with a QR code. After scanning it, in some cases, the victim is directed to a phishing website, where they are asked to enter their personal information.
In some cases, according to the BBB report, scammers are using QR codes to launch a payment app or follow a malicious account on social media.
One example given is a parking scam, which involves a printed sticker on a parking meter with a fake QR to pay for parking. This often looks legitimate, but when motorists scan the code they are directed to a fake payment platform.
The BBB says that to avoid falling victim to these scams, people should treat QR codes in the same way as every other unknown link. Even if it comes from someone they know, they should confirm with them that the message is genuine before scanning it.
Additionally, QR scanners with additional security are available from antivirus companies, and these can check the safety of links before they are opened.