**The Rise of QR Code Scams: How to Spot and Protect Yourself**
QR codes used to be the kind of thing that you'd just see on ads or marketing flyers, but now they're appearing on everything from AR games on pizza boxes to light-up drone displays. During the pandemic, they've become a game-changer, with restaurants and other establishments ditching their physical menus and going contactless with QR codes. However, as these little square barcodes have become more popular and convenient for people, cybercriminals have also taken notice.
**The Nature of QR Code Scams**
QR code scams are similar to phishing scams that you might get sent via email with a link to a fake or malicious website. In this case, scanning the code won't necessarily download a bunch of malicious spyware onto your phone, but a scammer could use it to send you to a fake website where you fill out your personal information or your credit card details without thinking twice. The key thing to remember is that QR codes are just a vector for malicious activity - they're not inherently safe or secure.
**Rules for Scanning QR Codes Safely**
So, how can you spot a scam and protect yourself from malicious QR codes? Here are some rules to follow:
* **Rule 1: Think Before You Scan**. Yes, you want to get the drink specials menu at Tiki Tony's Mai Tai Hut, but take a closer look at that QR code before you scan it. Is it just a sticker or is it part of a bigger sign or display? If the code looks out of place in amongst the background, it's probably best not to scan it.
* **Rule 2: Look at Where the QR Code Is Trying to Send You**. Security experts say that if you're already on your laptop reading an email, ask yourself why does it need you to connect on another device. If the QR code is trying to send you to a website that doesn't look right, or one that's asking for login details or banking information that shouldn't be needed, then best to just avoid it altogether.
* **Rule 3: Don't Scan Codes That Come in Emails**. Security experts say that this is just a good general rule. After all, if you're already on your laptop reading an email, ask yourself why does it need you to connect on another device. Scanning codes from emails can be a major security risk.
* **Rule 4: Don't Scan Codes That Come in Unsolicited Junk Mail**. This includes flyers offering to help you consolidate debt - one of the scams reported to the Better Business Bureau. If you receive an email or letter with a QR code that looks official but doesn't quite feel right, trust your instincts and move on.
* **Rule 5: Preview the URL That the QR Code Is Trying to Send You To**. Many smartphones will give you a preview of the URL as you hover over it with your camera trying to scan it - this includes iPhones running the latest version of iOS. Make sure the website you see matches the service you're expecting. If the link looks strange, move on.
* **Rule 6: Be Wary of Short Links Like Bitly Addresses**. If you can't read the full URL, you don't know where the link is actually sending you and it could be malicious.
* **Rule 7: Avoid Using Your Phone's Camera Altogether and Opt for a Secure Scanning App**. Some of the big antivirus companies like Trend Micro offer free scanning apps that are designed to spot malicious links before your phone opens them. However, make sure you're getting the app from a legitimate company - there are plenty of fake apps out there that scrape user information.
* **Rule 8: Use a Password Manager**. If a QR code takes you to a fake website that looks completely convincing to the human eye, your password manager will still know the difference and it won't autofill your password. Using a password manager is easily the best three dollars a month you'll ever spend - and it was ridiculously easy to set up. CNET has a full rundown on the best password managers and how to set them up.
**Conclusion**
QR codes are super convenient, but they're also a potential risk. By following these rules and being mindful of where you scan your phone and what you do after scanning a QR code, you can significantly reduce the risk of falling victim to malicious QR code scams. Remember - it's always better to err on the side of caution when it comes to technology, especially when it comes to something as simple but potentially hazardous as a QR code.
"WEBVTTKind: captionsLanguage: enqr codes are everywhere from your local cafe to the back of the share bikes you ride around the city but they're also being used by scammers to steal your personal information here's how to spot a scam and how to protect yourself from malicious qr codes qr codes used to be the kind of thing that you'd just see on ads or marketing flyers but now these little square barcodes are appearing on everything from ar games on pizza boxes down to light up drone displays and during the pandemic they have been a game changer where using them to check into venues to make payments even the fanciest restaurants are ditching their physical menus and going contactless with qr codes but as they've become more popular and more convenient cyber criminals have also taken notice now they're creating their own malicious qr codes to exploit people and trick them into handing over personal information like banking details according to the better business bureau qr code scams have been on the rise so as we start to use these handy little barcodes more and more what do you need to know well qr scams are similar to phishing scams that you might get sent via email with a link to a fake or malicious website in this case scanning the code won't necessarily download a bunch of malicious spyware onto your phone but a scammer could use it to send you to a fake website where you fill out your personal information or your credit card details without thinking twice now most of us have become pretty good at avoiding dodgy looking links in emails but we might not be so diligent when it comes to whipping out our phone and scanning a qr code but the same rules still apply the better business bureau says cybercriminals rely on us scanning the code quickly without taking a closer look at what we're scanning or where it's sending us so that leads us to rule number one think before you scan yes you want to get the drink specials menu at tiki tony's mai tai hut but take a closer look at that qr code before you scan it is it just a sticker or is it part of a bigger sign or display is the qr code on a random flyer that someone handed to you in the middle of the street then it's probably best not to scan it if the code looks out of place in amongst the background ask for the url so you can just type it in manually or ask for a hard copy of what you're trying to download like the restaurant menu rule 2 look at where the qr code is trying to send you here you want to use the same skills that you use elsewhere when you're online is it leading you to the website that you were expecting and does that website look like it should if it's asking you for login details or banking information that it shouldn't need then best to just avoid it all together rule three don't scan qr codes that come in emails security experts say that's just a good general rule after all if you're already on your laptop reading an email ask yourself why does it need you to connect on another device rule 4 don't scan codes that come on unsolicited junk mail like flyers offering to help you consolidate debt this was one of the scams reported to the better business bureau from a victim who received a fake letter about student loan debt with a qr code that made it look official but it definitely wasn't rule 5 preview the url that the qr code is trying to send you to now a lot of smartphones will give you a preview of the url as you hover over it with your camera trying to scan it that includes iphones running the latest version of ios make sure the website you see matches the service you're expecting does the link look strange well if so move on rule six be wary of short links like bitly addresses if you can't read the full url you don't know where the link is actually sending you and it could be malicious rule 7 you might want to avoid using your phone's camera altogether and opt for a secure scanning app now these are designed to spot malicious links before your phone opens them some of the big antivirus companies like trend micro offer free scanning apps but another word of warning make sure you're getting the app from a legitimate company there are plenty of fake apps out there that scrape user information yes malicious apps and malicious qr codes it is turtles all the way down people all right finally rule 8 use a password manager if a qr code takes you to a fake website that looks completely convincing to the human eye your password manager will still know the difference and it won't autofill your password also while i have you here just get a password manager in general it's easily the best three dollars a month i have ever spent and it was ridiculously easy to set up cnet has a full rundown on the best password managers and how to set them up we like lastpass 1password and bitwarden depending on your needs and i can give you some links to those below so yes qr codes are super convenient but they're also a potential risk so remember stop and think and if it looks dicey then steer clearqr codes are everywhere from your local cafe to the back of the share bikes you ride around the city but they're also being used by scammers to steal your personal information here's how to spot a scam and how to protect yourself from malicious qr codes qr codes used to be the kind of thing that you'd just see on ads or marketing flyers but now these little square barcodes are appearing on everything from ar games on pizza boxes down to light up drone displays and during the pandemic they have been a game changer where using them to check into venues to make payments even the fanciest restaurants are ditching their physical menus and going contactless with qr codes but as they've become more popular and more convenient cyber criminals have also taken notice now they're creating their own malicious qr codes to exploit people and trick them into handing over personal information like banking details according to the better business bureau qr code scams have been on the rise so as we start to use these handy little barcodes more and more what do you need to know well qr scams are similar to phishing scams that you might get sent via email with a link to a fake or malicious website in this case scanning the code won't necessarily download a bunch of malicious spyware onto your phone but a scammer could use it to send you to a fake website where you fill out your personal information or your credit card details without thinking twice now most of us have become pretty good at avoiding dodgy looking links in emails but we might not be so diligent when it comes to whipping out our phone and scanning a qr code but the same rules still apply the better business bureau says cybercriminals rely on us scanning the code quickly without taking a closer look at what we're scanning or where it's sending us so that leads us to rule number one think before you scan yes you want to get the drink specials menu at tiki tony's mai tai hut but take a closer look at that qr code before you scan it is it just a sticker or is it part of a bigger sign or display is the qr code on a random flyer that someone handed to you in the middle of the street then it's probably best not to scan it if the code looks out of place in amongst the background ask for the url so you can just type it in manually or ask for a hard copy of what you're trying to download like the restaurant menu rule 2 look at where the qr code is trying to send you here you want to use the same skills that you use elsewhere when you're online is it leading you to the website that you were expecting and does that website look like it should if it's asking you for login details or banking information that it shouldn't need then best to just avoid it all together rule three don't scan qr codes that come in emails security experts say that's just a good general rule after all if you're already on your laptop reading an email ask yourself why does it need you to connect on another device rule 4 don't scan codes that come on unsolicited junk mail like flyers offering to help you consolidate debt this was one of the scams reported to the better business bureau from a victim who received a fake letter about student loan debt with a qr code that made it look official but it definitely wasn't rule 5 preview the url that the qr code is trying to send you to now a lot of smartphones will give you a preview of the url as you hover over it with your camera trying to scan it that includes iphones running the latest version of ios make sure the website you see matches the service you're expecting does the link look strange well if so move on rule six be wary of short links like bitly addresses if you can't read the full url you don't know where the link is actually sending you and it could be malicious rule 7 you might want to avoid using your phone's camera altogether and opt for a secure scanning app now these are designed to spot malicious links before your phone opens them some of the big antivirus companies like trend micro offer free scanning apps but another word of warning make sure you're getting the app from a legitimate company there are plenty of fake apps out there that scrape user information yes malicious apps and malicious qr codes it is turtles all the way down people all right finally rule 8 use a password manager if a qr code takes you to a fake website that looks completely convincing to the human eye your password manager will still know the difference and it won't autofill your password also while i have you here just get a password manager in general it's easily the best three dollars a month i have ever spent and it was ridiculously easy to set up cnet has a full rundown on the best password managers and how to set them up we like lastpass 1password and bitwarden depending on your needs and i can give you some links to those below so yes qr codes are super convenient but they're also a potential risk so remember stop and think and if it looks dicey then steer clear\n"
