You know, sometimes you’ve just got to give it up for crooks. I mean, they can adapt better and faster to changing technologies than many industries. Much of the time, these criminals prey on the elderly and when my father was alive, there were times I was relieved he couldn’t see well enough to get on a computer because they would definitely have drained his bank account and given his device multiple viruses a day. There’s no way he would have been able to decline offers that claim he’d won a million dollars or that a long lost family member had left him their life savings or a hot date. All I would hear is click, click, click and then him shouting “What did I do? How could they?!” RELATED: The ATM Scam Travelers Should Be Aware Of
Well, this time, the bad guys aren’t just targeting seniors with their newest scam. Thanks to the pandemic, almost everything has become contactless and I’m sure you’ve seen QR codes on tables at restaurants or inside airline clubs. They’re great because you don’t have to handle the dirty menus. However, this means that everyone is at risk but especially travelers.
It turns out some QR codes can be an easy way for thieves to get your personal information. According to a public service announcement from the FBI: “The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.”
RELATED: Don’t Fall For the Falling Lady Scam
First of all, as the FBI explains: “A QR code is a square barcode that a smartphone camera can scan and read to provide quick access to a website, to prompt the download of an application, and to direct payment to an intended recipient. Businesses use QR codes legitimately to provide convenient contactless access and have used them more frequently during the COVID-19 pandemic. However, cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for cybercriminal use.”
Here are the tips the FBI recommends to protect yourself:
- Once you scan a QR code, check the URL to make sure it is the intended site and looks authentic. A malicious domain name may be similar to the intended URL but with typos or a misplaced letter.
- Practice caution when entering login, personal, or financial information from a site navigated to from a QR code.
- If scanning a physical QR code, ensure the code has not been tampered with, such as with a sticker placed on top of the original code.
- Do not download an app from a QR code. Use your phone’s app store for a safer download.
- If you receive an email stating a payment failed from a company you recently made a purchase with and the company states you can only complete the payment through a QR code, call the company to verify. Locate the company’s phone number through a trusted site rather than a number provided in the email.
- Do not download a QR code scanner app. This increases your risk of downloading malware onto your device. Most phones have a built-in scanner through the camera app.
- If you receive a QR code that you believe to be from someone you know, reach out to them through a known number or address to verify that the code is from them.
- Avoid making payments through a site navigated to from a QR code. Instead, manually enter a known and trusted URL to complete the payment.
I can’t tell you how many times a week I get a text message and/or an email from a credit card company or bank that I actually do business with but … it’s not really them contacting me. The phone number or email address looks like it is legitimate but when I hover over the URL, I can see it’s a total scam. I consider myself very savvy and I’ve come close falling for it. My wife almost did too and wrote about it here.
So the purpose of this tip is not to scare you from using QR codes because they’re great. But be more conscious and cautious about them and don’t input any personal information or credit cards unless you know it’s safe to do so.
More Scams to Watch Out For
- Is Your Hotel Scamming You?
- Don’t Fall For It: Scammers Are Pretending to be Customs and Border Protection Agents
- Cybersecurity and Fraud Expert Shares Tips on How Not to Get Scammed When Traveling
- How To Avoid Vacation Rental Scams
- Don’t Fall For These QR Code Scams
- 7 Tips For Avoiding Black Friday Scams Online
- These Are the Latest European Travel Scams to Know Before You Go
Want more travel news, tips and deals? Sign up to Johnny Jet’s free newsletter and check out these popular posts: The Travel Gadget Flight Attendants Never Leave Home Without and 12 Ways to Save Money on Baggage Fees. Follow Johnny Jet on MSN, Facebook, Instagram, Pinterest, and YouTube for all of my travel posts.
Thank you so much for the information on this scam. I would like to think I would be cautious about adding personal information, but it’s so easy to get caught up or distracted, that it can definitely happen. It’s also good advice to independently check the website that the QR code directs you to. I mostly use these codes in restaurants that don’t provide menus… Maybe I’ll just ask for a paper menu in the future. Criminals will hijack anything that moves for scamming, but I have yet to hear of anyone catching covid from a menu!
With the rise in QR menus this is a good thing to watch out for. Good info to put out there. The QR code has been called the STD of the computer.
Funny. I might have to make that the quote of the day
In Austin about a year ago when they put qr codes on the parking meters that redirected the person to pay all day parking for $40 ,people did and then were ticketed for not paying and of course the scammer now had their money and Financials. We went to a restaurant in the hill country where other patrons figured out that the restaurant menus and an app to pay were on the table, but all qr codes had been replaced at the tables with codes that did not belong to the restaurant. I would never use a qr code. Too risky and insecure. I believe they are not designed to operate with any security to them. Don’t use them people, you have no idea who or what they are. They need to fix that. If a restaurant or business only has codes for menus or pay, we leave.