QR codes offer a measure of convenience for consumers and help companies conduct business, but where trends go, fraudsters will follow. The relatively new phenomenon of QR code phishing, or “quishing”, involves generating fictitious QR codes.
These fraudulent codes are sent to a person directly via text or email or will be placed as a physical sticker to cover up a legitimate QR code on a menu or flyer. If scanned, these fictitious codes can redirect people to fake websites that may download malware onto their device or request payment or personal information.
The good news is that you can help protect yourself by simply being aware of the risks and taking precautions. Here are some recommendations from the Better Business Bureau to avoid scanning a fraudulent QR code:
1. Don't scan the QR code immediately
Whether you receive a text message from a friend or a message on social media, contact that person directly to make sure it’s legitimate.
2. Look for tampering
Watch out for advertising materials like menus or flyers that have been tampered with.
3. Consider antivirus software
For added security, consider installing antivirus software with a QR scanner app that checks the safety of a scanned link before you open it.