image of a man falling through a hole that looks like a QR code (Licensed) Remix by Max Fleishman

FBI warns QR code scams are on the rise

Both the FBI and the FTC have recently warned the public about scams involving QR codes.


Andrew Wyrich


Posted on Jan 19, 2022   Updated on Jan 19, 2022, 10:37 am CST

The FBI has joined other parts of the government in warning the public about a rise in scams that involve QR codes.

QR codes, which allow for people to scan an image with their phone that brings them to a specific website, have become popular in recent years—such as restaurants using them for customers to access menus.

On Tuesday, the FBI said criminals are “tampering with QR codes to redirect victims to malicious sites that steal login and financial information.”

Specifically, the FBI is warning that criminals are directing QR code scans to websites that steal people’s data, embedding malware in the codes that allow them to gain control of a victim’s device, or using the codes to redirect payment “for cybercriminal use.”

The agency used an example of someone scanning a QR code that they thought was legitimate, but instead had been “tampered” with to direct them to a website that asks them to enter login or financial information.

“Access to this victim information gives the cybercriminal the ability to potentially steal funds through victim accounts,” the FBI said in a public service announcement.

The agency said that people scanning QR codes should take a closer look at the URL that they are taken to, inspecting them for telltale signs of a scam like typos or misplaced letters. It also suggested making sure physical QR codes, like you might see at a restaurant, don’t have a sticker placed over them with another code.

The FBI added that you shouldn’t download apps using a QR code, and instead go into an app store and download them manually.

The warning from the FBI comes just a few days after the Federal Trade Commission (FTC) also warned consumers about a cryptocurrency scam that involved QR codes.

Last week, the FTC said scammers were impersonating law enforcement, the government, or utility companies and directing people to stores with crypto ATMs. Once the victim reached an ATM, they would direct you to buy cryptocurrency and send a QR code that would send the money to them.

Read more of the Daily Dot’s tech and politics coverage

Nevada’s GOP secretary of state candidate follows QAnon, neo-Nazi accounts on Gab, Telegram
Court filing in Bored Apes lawsuit revives claims founders built NFT empire on Nazi ideology
EXCLUSIVE: ‘Say hi to the Donald for us’: Florida police briefed armed right-wing group before they went to Jan. 6 protest
Inside the Proud Boys’ ties to ghost gun sales
‘Judas’: Gab users are furious its founder handed over data to the FBI without a subpoena
EXCLUSIVE: Anti-vax dating site that let people advertise ‘mRNA FREE’ semen left all its user data exposed
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article
*First Published: Jan 19, 2022, 9:54 am CST