NewYou can listen to Fox News articles now!
QR codes once considered a convenient shortcut to check menus or pay bills have increasingly become weapons. Fake delivery text, fake payment links and pasted in legal payment links have become part of it Modern fraud script.
The latest warning from federal authorities shows how far these tactics have gone. The criminal is now mailing packages that people have never ordered. Inside these boxes are QR codes, which can lead to Personal details of the stolen, Drainage bank account or malware runs quietly against the background of a cell phone.
Sign up for my free online report
Get my best technical tips, emergency security alerts and exclusive deals delivered directly to your inbox. Plus, you’ll be visiting my Ultimate Scam Survival Guide now – Free when joining me Cyberguy.com communication.
QR code scams rise because 73% of Americans scan without checking
What you need to know about QR code scams
The scheme is a turning point to the so-called toothbrush scam. Traditionally, a toothbrush scam involves online sellers sending products to strangers and then posting fake comments using the recipient’s details. This is more of a nuisance than a serious crime.
Amazon package with QR code. (Lindsey Nicholson/UCG/Universal Images via Get Image Group)
Now, this practice has changed from harmless free items to intentional fraud. Many victims did not receive the product, but only found the printed QR code. After scanning, the code redirects it to fraudulent websites that require sensitive personal information, such as bank information, credit card numbers, or login credentials. Some code goes a step further and installs malware designed to track activity and steal data directly from the device.
“FBI The agency said in a public notice that it warned the public of scam changes in criminals, in which the criminal sent a package containing a QR code that prompted the recipient to provide personal and financial information or uninformedly downloaded malware that stole data from his phone.
WhatsApp ban 6.8 million scam, launching security tools
Why QR code attracts scammers
QR codes have become common in daily life. They are used in restaurants, shops, airports, polls and payment systems, and most people do not hesitate to scan them. Unlike suspicious links that can be found, the QR code is not disclosed before scanning.
This makes it the perfect disguise for a scam. Setting up is simple: a package arrives, no sender information, and no explanation. This mystery sparked curiosity, and many people scanned the code to find out who sent it. That curious moment is what the liars rely on.
Taylor Swift fans gathered outside a building where a large QR code mural was painted to promote Swift’s latest album, The Tortured Poets Department, in Chicago on April 17, 2024. (Scott Olson/Getty Images)
The consequences can be serious. Fake websites can harvest names, addresses and financial details. Malware may silently monitor accounts, log keystrokes, and even targeted cryptocurrency wallets. The victim usually doesn’t notice until he sees unauthorized charges or suspicious withdrawals. By then, their information may have been in the hands of the criminal.
Don’t fall for this bank phishing scam
7 ways to get QR code scam
Scammers rely on curiosity and convenience to trick people into scanning malicious QR codes. Some simple habits can help you avoid being targeted. Here are seven ways to avoid QR code scams.
1) Be cautious with unsolicited QR codes and use powerful antivirus software
Avoid scanning QR codes, random flyers or stickers on public signs. The QR code is just a disguised link until you know where it is and it should not be trusted. To stay safe, keep powerful antivirus software on your phone even if you accidentally scan the risky code. Mobile security applications can block fraudulent sites, warn you before downloading and prevent malicious QR code attacks.
Choose from the Best Antivirus Protection Awards for Your Windows, Mac, Android and iOS devices Cyberguy.com.
2) Adhere to a trustworthy source
Scan only QR codes for businesses and organizations you already trust. Examples include your bank’s mobile app, airline boarding pass, or checkout page for known retailers. If you do not click on a random link in a text message, please do not scan the random QR code.
3) Preview the link before opening
Most phones can press and hold a QR code link to preview where it goes. If the URL looks suspicious, misspelled, random numbers, or shortened links, don’t open it. Taking a second to check can save you from phishing traps.
Scammers are sending fake QR codes to trick the recipient into scanning and allowing criminals to access their personal data. (Kurt “CyberKnutsson)
4) Limit your digital footprint
There is less personal data available online about you, and the harder the scammers try to target your target with compelling fraud. Consider using a data deletion service that scrubs your information from people search websites and marketing databases. This reduces the chances of your address or phone number ending up wearing in the wrong hands and connecting to the scam package.
While there is no service that promises to remove all data from the Internet, it is great to have a deletion service if you want to keep monitoring and automatically delete information from hundreds of sites.
Check out my preferred data deletion service and scan it for free to see if your personal information is already accessible on the internet Cyberguy.com.
Do a free scan to find out if your personal information is already on the Internet: Cyberguy.com.
5) Enable two-factor authentication (2FA)
Even if your login details are stolen, 2FA Make it harder for criminals to access your account. 2FA helps prevent unauthorized bank, email and transaction accounts from logging in through auxiliary codes required to be sent to your phone or generated through the Authenticator app.
6) Keep the device up-to-date
Software updates often include fixes for security vulnerabilities that scammers are trying to exploit. Running the latest version of your phone’s operating system and regularly updating the apps provide you with stronger protection from malware provided through malicious QR code.
7) Report suspicious activity
If an unexpected package arrives at your door with a QR code inside, don’t simply throw it away. Report it to local authorities and consider filing a complaint with the FBI’s Internet Crime Complaints Center. Not only will the report help protect you, but it also provides law enforcement with more information to track how these scams are spread.
Click here to get the Fox News app
Kurt’s key points
This scam may not be everywhere, but it shows how quickly criminals can adapt to new technologies. QR codes are designed to make life easier and in most cases, but the same convenience can become a weakness when people are curiously cautious. The lesson here is that a mysterious packaging with a QR code is not an interesting puzzle. This is a red flag. The safest move is to take a step back and resist the urge to scan, and if you don’t feel it, please report it instead of interacting with it.
Have you ever scanned the QR code without thinking twice before doing it? By writing to us, let us know Cyberguy.com.
Sign up for my free online report
Get my best technical tips, emergency security alerts and exclusive deals delivered directly to your inbox. Plus, you’ll be visiting my Ultimate Scam Survival Guide now – Free when joining me Cyberguy.com communication.
Copyright 2025 CyberGuy.com. all rights reserved.
