QR codes emerged as a popular tool during the COVID-19 pandemic in restaurants, to pay for items and exchange funds, and even to board a flight. Our smartphones are equipped with technology to scan these codes, making them easy to use — as well as manipulate.
According to a recent Federal Trade Commission (FTC) report, scammers have taken to using these seemingly harmless QR codes in “countless” ways to obtain information from unsuspecting victims by inserting harmful links inside them.
“A scammer’s QR code could take you to a spoofed site that looks real but isn’t. And if you log in to the spoofed site, the scammers could steal any information you enter,” according to the report. In another situation, “the QR code could install malware that steals your information before you realize it.”
From just $107.88 $24.99 for Kiplinger Personal Finance
Become a smarter, better informed investor. Subscribe from just $107.88 $24.99, plus get up to 4 Special Issues
Sign up for Kiplinger’s Free Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
How to spot QR code scams
In its report, the FTC shared some circumstances under which the QR code that you are about to scan could potentially be bogus. The fraud can be carried out in person and/or sent through your phone. It can involve scammers who:
- Cover up legitimate QR codes on parking meters and replace them with their own bogus codes.
- Pose as delivery service people during the holiday season who falsely report an issue with your order or delivery.
- Falsely claim there is suspicious activity with one of your accounts and that you need to re-enter or change your information.
Popular holiday scams
It’s an especially vulnerable time of year with the holidays and an uptick in shopping, deliveries and expenditures. Scammers are all too keen to take advantage of these facts, as noted in a recent Visa scam alert.
“Crooks prepare all year for the holiday shopping season, taking advantage of increased activity and consumers who let their guard down [while] searching for the perfect gift,” Paul Fabara, Visa chief risk officer, said in the alert.
Kiplinger recently reported on a number of other consumer fraud alerts this time of year. These include a package delivery scam targeting shoppers, as well as a warning about scammers pretending to be from your utility company.
There's also a new artificial intelligence (AI)-based voice cloning scam that has regulators scrambling for solutions. Fraudsters are using AI technology on phone calls to trick people into believing that, for instance, there is an emergency involving a loved one that requires urgent action.
What to do
It’s important to stay especially diligent this time of year as you may see even more QR codes than usual — legitimate and otherwise.
The FTC recommends you take steps such as:
- Inspecting a QR code before opening it, especially if you see it somewhere unexpected. “If it looks like a URL you recognize, make sure it’s not spoofed — look for misspellings or a switched letter,” the FTC said.
- Being wary of QR codes delivered through email or text, especially if they are marked as urgent. The agency recommends that you contact the company directly through its email address or listed phone number to see if the message is legitimate.
- Ensuring that your phone is up-to-date with protective updates and use strong passwords and multi-factor authentication for your accounts.
The FTC also encourages people to submit a report if they believe they were scammed or think they have seen a scam.
The agency said it will share reports with more than 2,800 law enforcers and, while it cannot resolve individual reports, it uses them to investigate and bring cases against fraud, scams and bad business practices.
-
3 Ways to Stretch the 2026 Social Security COLA For Your BudgetThree steps retirees can take to stretch the Social Security COLA to fit their budgets.
-
How to Keep Your Charitable Giving Momentum Going All YearInstead of treating charity like a year-end rush for tax breaks, consider using smart tools like DAFs and recurring grants for maximum impact all the year.
-
Uber Takes Aim at the Bottom Lines of Billboard LawyersUber has filed lawsuits and proposed a ballot initiative, in California, to curb settlements it claims are falsely inflated by some personal injury lawyers.
-
Texas Sales Tax-Free Weekend 2025Tax Holiday Here's what you needed to know about the Texas sales tax holiday.
-
Florida Back-to-School Tax-Free Holiday 2025Sales Taxes The new tax-free holiday in Florida brought month-long savings on computers, clothing and other school supplies.
-
Visa, Mastercard's Swipe Fee Settlement Might Save You Money, For NowThe limited-time agreement directly benefits merchants, which can potentially pass savings on to consumers.
-
New List Out On Medicare Part B Drugs Eligible for RebatesSome Medicare beneficiaries may pay lower coinsurance rates from April 1 to June 30 for the drugs, HHS says.
-
Use An iPhone? You May Be Hearing From A Class-Action Lawsuit GroupA handful of suits against the iPhone maker seek to crack down on everything from app store purchases to messaging.
-
Capital One/Discover: What's In Their Wallet For You?Push back on Capital One's planned merger with Discover is growing with one group of consumer advocates calling for a public hearing.
-
Lawmakers: Nix Social Security Offsets For Seniors In Student Loan DefaultOffsetting Social Security benefits to pay for defaulted student loans can be devastating for some beneficiaries, lawmakers say.
-
Stellantis Recalls 285K Vehicles Over Airbag ProblemsDefective airbag inflators on certain Chrysler and Dodge vehicles could rupture and cause injury or death, NHTSA says.
