QR codes are convenient and easy to use but can also be a gateway for cybercriminals to steal your personal and financial information. QR code scams are on the rise when more people are using QR codes for contactless payments, online orders etc. Here are some tips on how to spot and avoid QR code scams.
What are QR code scams?
QR code scams are a type of phishing attack, where scammers use fake QR codes to trick you into visiting malicious websites, entering your sensitive information, or downloading malware. Scammers can create their own QR codes and place them over legitimate ones, or send them to you via email, text, or social media. Some common QR code scams are:
- Payment scams: Scammers may place fake QR codes on parking meters, vending machines, or flyers, and claim that you can pay for a service or product by scanning the code. The code will take you to a fake website that asks you to enter your credit card or bank account details or to download an app that will steal your information or money.
- Email scams: Scammers may send you an email that looks like it is from a reputable company and ask you to scan a QR code to confirm your order, update your account, or claim a reward. The code will take you to a phishing website that asks you to enter your login credentials, personal information, or payment details.
- Cryptocurrency scams: Scammers may use QR codes to lure you into fake cryptocurrency giveaways, investments, or transactions. They may promise to double your crypto if you send them some first or invite you to join a lucrative scheme. The code will take you to a website that asks you to scan your crypto wallet address or to enter your private key or password.
- Donation scams: Scammers may impersonate a charity or create a fake one and use QR codes to solicit donations for a cause. They may place QR codes on flyers, posters, or social media posts, and claim to support a disaster relief, a social movement, or a personal story. The code will take you to a website that asks you to enter your credit card or bank account details or to download an app that will access your contacts or camera.
How to protect yourself from QR code scams?
To avoid falling victim to QR code scams, you should follow these best practices:
- Preview the QR code link. A preview of the URL should appear on your phone when you scan a QR code. Make sure the URL seems legitimate and that it isn’t a misspelling of a real URL (for example, “Microsaft.com” instead of “Microsoft.com”).
- Check for tampering. If you’re scanning a QR code that’s in a public place, like a restaurant, make sure the QR code doesn’t have a sticker above it that a scammer could have placed.
- Check the website. If you follow the QR code link, ask yourself if the website seems professional. Low-quality images and typos are signs of fraudulent websites. Look for a lock symbol next to the URL or https:// in the URL. These URLs are secure URLs.
- When in doubt, contact the company. If you receive an unusual email or letter in the mail from a business with a QR code, contact the business to determine if the message is legitimate.
- Don’t scan or open QR codes from strangers. Whether you’re approached online or in the street, don’t scan QR codes from people that you don’t know. Be on the lookout for “too good to be true” messages, like a stranger offering you money or free products if you scan their QR code.
How to report cyber security issues
Countless cyber security incidents can happen. Make sure to report them to IT. Please also report if you find something suspicious but are not sure if it is a cyber security incident. It is better to report one too many than one too few! Report to itsecurity@odfjell.com.
And finally, always remember when something strange happens or you get an unusual inquiry:
STOP - LOOK - THINK
