News

Fake QR codes and how to spot them – Info from Wiltshire Police

QR Codes have been around for several decades now but have become more prominent in the last few years. So once again, criminals are seizing the opportunity to use malicious QR Codes to steal money, and personal information.

People may sometimes worry about trusting these codes which are now common in public places, such as pubs and restaurants, and these are generally safe to scan.

The majority of QR code scams so far have been in open spaces such as stations and car park machines, so always check the QR code sign to see if appears to have been tampered with or has another label stuck on top of it.

However, QR codes are now appearing in greater numbers in phishing emails, often now called “Quishing”.

Criminals realise that the public are now more aware of the dangers on clicking on links in unsolicited emails, so are using QR codes instead to direct the recipient to a malicious website.

How can you avoid being scammed by fake QR codes?

• Preview the QR code link. The URL should appear on your phone when you scan a QR code. Make sure the URL seems legitimate and that it isn’t a misspelling of a real URL.

• Check for tampering. If you’re scanning a QR code that’s in a public place, like a restaurant or a car park ticket machine, make sure the QR code doesn’t have a sticker on top of the original.

• Check the website. If you follow the QR code link, does the website seems professional? Low-quality images and typos are always signs of fake websites. Look for a lock symbol next to the URL or https:// in the URL to show if these sites are genuine.

• When in doubt, contact the company. If you receive an unusual email or letter in the mail from a business with a QR code, contact the business to determine if the message is legitimate.

• Never scan or open QR codes from unknown sources. Whether you’re approached online or in the street, don’t scan QR codes from people that you don’t know. Always lookout for the “too good to be true” messages, such as gifts or free products if you scan their QR code.

As ever, be vigilant, especially with QR codes received in emails.

If you or someone you know has unfortunately fallen for a scam, please report it to Action Fraud on 0300 123 2040 or on their website: www.actionfraud.police.uk