RELATED: If You Get an Email From the USPS With These 3 Words, Don’t Click on It. Even though they’ve been around for more than a decade, QR codes became more commonly used during the COVID-19 pandemic. Now, they’ve become so commonplace that one was used in a viral commercial during this year’s Super Bowl. But while they can be handy for looking at a restaurant’s menu or visiting your favorite shop’s online store within seconds, criminals can also use them for nefarious purposes. The FBI is warning that scammers are now using the scannable symbols to take advantage of unsuspecting victims in some cases.ae0fcc31ae342fd3a1346ebb1f342fcb In a public service announcement released on Jan. 18, the agency said that despite plenty of legitimate uses, “cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for cybercriminal use.” According to authorities, the recent uptick in QR codes has brought an increase in related crime with it. In many such cases, scammers will tamper with signage and replace a legitimate QR code with one that sends customers to a different website altogether. Victims are then duped into entering their personal information or credit card number, which the scammer can then use to steal funds or commit identity theft. In some cases, fraudsters can also use the tactic to break into your phone. “Malicious QR codes may also contain embedded malware, allowing a criminal to gain access to the victim’s mobile device and steal the victim’s location as well as personal and financial information,” the FBI warns. “The cybercriminal can leverage the stolen financial information to withdraw funds from victim accounts.”
RELATED: For more up-to-date information, sign up for our daily newsletter. Scammers have already taken to using QR codes in some surprising ways. On Dec. 20, the San Antonio Police Department issued a public warning that fraudsters were sticking the scannable squares to public meters, saying that “people attempting to pay for parking using those QR codes may have been directed to a fraudulent website and submitted payment to a fraudulent vendor.” Unsuspecting victims who used the codes while attempting to pay for parking were actually handing over their credit card information to fraudsters. Unfortunately, police also reported similar parking scams to have taken place in Austin and Houston. “We don’t use QR codes at all for this very reason, because they are easy to fake or place on the devices,” Jason Redfern, Austin parking division manager, told local NBC affiliate KXAN. “And we heard from industry leaders that this would be a possibility,” adding that the city only accepts payments of cash, coins, or credit card at the meter or through the use of the city’s mobile payment app. The FBI is cautioning the public that while they can still count on QR codes to be safe in most cases, there are a few tips to follow to make sure they don’t fall victim to a scam. The agency recommends only scanning codes from a trusted source, such as inside a reputable business, and always ensuring it hasn’t been tampered with or altered with a sticker. You should also double-check the address of any website you’re sent to via QR code and only ever enter personal or financial information when you verify you’re on the webpage. When in doubt, manually enter the address of the website you’re trying to visit to make sure you’re not being misdirected. The agency also warns that you should never download an app from a QR code, opting to use your phone’s native app store instead. You should also avoid scanning any codes sent to you in an email requesting payment from a company. As always, you should look up the number of the company in question and contact them before handing over any information. RELATED: If You Get This Message From Netflix, Delete It Immediately, FBI Warns.
