Scanned a QR code recently? The FTC is warning about the threat of scammers. Here’s why

Shaun Goodwin
Joshua Bessex/jbessex@gateline.com

Everywhere you look nowadays, it’s hard to avoid QR codes, those black and white squares with smaller squares inside.

Each is unique: scanning it with your phone camera will take you to the desired online destination. We see them on parking meters for parking, high school sporting events to view the rosters, and even at restaurants to view the menu.

But the Federal Trade Commission is now warning people to be aware of potential scams involving QR codes, with scammers using them to steal personal information.

One of the most common scams, the FTC warns, is people covering up QR codes on parking meters with a scam code, directing you to a website that could steal your information. The FTC also advises against using QR codes sent randomly by text or email.

Here are some of the most common ways a scammer will try to con you, according to the FTC:

  • The email or text says they couldn’t deliver a package and asks you to click a link to reschedule.

  • They pretend there’s a problem with an online account and ask you to verify information.

  • They say suspicious activity has been detected on your account and ask you to change your password.

In all instances, they’re lies that prompt people into a sense of urgency, leading them to click on the URL or scan the QR code without thinking, according to the FTC.

If you enter any information on the site that the QR code takes you to, a scammer could steal that information. It’s also possible for QR codes to download malware on your device that can steal your data.

Here are ways that the FTC recommends to keep yourself safe from potential scammers:

  • If you see a QR code in an unexpected place, inspect the URL to ensure it’s real. If the URL is a website you recognize, ensure it’s spelled correctly; many spoof sites may have a small misspelling or switch letters around.

  • Don’t scan a QR code from a text message or email, especially if it’s causing a sense of urgency. If you think the code is legitimate, use a phone number or go to the company’s legitimate website to reach out.

  • Update your phone. Many phones nowadays include updates with critical patches and protections to defend against security threats.

  • Use strong passwords and multi-factor authentication, requiring you to use a separate program or app to authenticate a login attempt from you rather than a hacker.

Advertisement