How to protect yourself from fake QR codes scammers use to steal money and info

By Matt Gephardt and Sloan Schrage, KSL-TV | Posted - March 22, 2024 at 6:29 p.m.

 
Save Story
Scammers using fake QR codes to steal money and identities
KSL TV
Leer en español

Estimated read time: 2-3 minutes

SALT LAKE CITY — QR codes, or quick-response codes, are just about everywhere – from where we park to where we eat and lots of other places in between. They are easy to scan with our phones to find information, but how much can we really trust a QR code?

"Most people don't realize how easy it is to make a QR code," said cybersecurity expert Zulfikar Ramzan, chief scientist at Aura. "Any scammer with about 50 seconds on their hands can create one," Ramzan said.

Indeed, the KSL Investigators found it does just take seconds to create a QR code online that you can then download and print and then post anywhere you want. All you need is a link.

And you can bet the links scammers use in their QR codes will take your phone to dangerous places.

"That website may be malicious and could in turn cause a problem for whoever clicks on that link or goes to that particular site," Ramzan warned.

We're talking spoofed websites, disguised as real ones to steal your money, your identity or both. Or the code can direct you to a site laced with malware allowing a hacker into your device.

Scammers often send their fake QR codes by email or text. Because you can't tell if a QR code is legitimate just by looking at it, Ramzan says slow down. First, make sure you trust the person or organization that sent you the code. And there's no law that says you must use a QR code.

Most people don't realize how easy it is to make a QR code. Any scammer with about 50 seconds on their hands can create one.

–Zulfikar Ramzan, Aura

Ramzan said you take a few minutes to research a company and find its contact info on your own, rather than relying on a QR code.

But if you do open a QR code to a website: "If it starts asking you for sensitive data or something doesn't seem quite right about the site, don't just give in and give your data away," Ramzan said.

He said don't scan QR codes that show up randomly in public places. And for codes you can't avoid scanning – check for tampering first. Some scammers print their fake codes on stickers and then slap those on top of legitimate QR codes.

"Take a little careful look to make sure there's no layers of QR codes hiding underneath," Ramzan said. "And if you start to see some layers, then back away."

And if you haven't already, install antivirus software on your phone. Now, that won't free you of all trouble caused by scanning random QR codes, but it can help block malware attacks.

Most recent KSL Investigates stories

Related topics

KSL InvestigatesUtah
Matt Gephardt
Matt Gephardt has worked in television news for more than 20 years, and as a reporter since 2010. He is now a consumer investigative reporter for KSL TV. You can find Matt on Twitter at @KSLmatt or email him at matt@ksl.com.
Sloan Schrage

Most Viewed

STAY IN THE KNOW

Get informative articles and interesting stories delivered to your inbox weekly. Subscribe to the KSL.com Trending 5.
By subscribing, you acknowledge and agree to KSL.com's Terms of Use and Privacy Policy.

KSL Weather Forecast

Mobile Apps | Newsletter | Advertise | Contact Us | Careers with KSL.com
Terms of use | Privacy Statement | DMCA Notice | Do Not Sell My Data | EEO Public File Report | KSL-TV FCC Public File | KSL FM Radio FCC Public File | KSL AM Radio FCC Public File | Closed Captioning Assistance
© 2024 KSL.com | KSL Broadcasting Salt Lake City UT | Site hosted & managed by Deseret Digital Media - a Deseret Media Company