‘Tis the Season for Scammers: Watch-out for the QR Code Brushing Scam

December 19, 2024
Jonathan J. Russell

 

This holiday season, we’ve been made aware of a new scam that is targeting unsuspecting consumers. Packages are being sent addressed to real recipients, which appear to be a holiday gift, however, there is no indication on or in the package regarding the sender. Inside the package there is a QR code inviting the recipient to scan the QR code in order to find out the name of the sender.

Unfortunately, this is a hoax. It is a practice known as “QR code Brushing,” a tactic whereby scammers put a QR code on something that looks legitimate, with the hope that you will scan the code. According the to the Federal Trade Commission, some of the ways these fraudsters will try to con you is by:

  1.  lying and informing you that they could not deliver your package and that you need to contact them to reschedule;
  2.  pretending that there is a problem with your account and you need to confirm your personal information; and
  3.  stating that they noticed suspicious activity on your account and you need to change your password.

These are all attempt so create a sense of urgency so that you scan the QR code and open the URL, without giving further thought as to whether or not the message is real. Once you scan the QR code or log into the spoofed site, you could be inadvertently installing malware onto your phone which will access and steal your personal and financial information.

There have even been reports of scammers placing a fake QR code over-the-top of a legitimate parking meter’s QR code, in order to gain access to your credit card information. Recognizing that QR codes are here to stay, and are now being used to gain entrance into a concert or sporting event; to board a flight; or even to access a menu at a restaurant, what can you do to be safe? The FTC recommends the following:

  • If you see a QR code in an unexpected place, inspect the URL before you click on it.
  • Don’t scan a QR code you were not expecting, especially if urged to do so immediately; and
  • Protect your phone accounts by using strong passwords and multi-factor authentication.

Personal Injury Attorneys serving Doylestown, Allentown, Bethlehem, Easton and Stroudsburg. The Best Attorneys near you. Contact us for a free consultation today.

At Drake, Hileman & Davis, our personal injury attorneys have been concerned for the safety of those in our community for more than 35 years. We have been helping the injured find answers, whenever accidents happen. We have a proven track record of results and satisfied clients. We’re ready to answer your questions and provide you with the legal help you need. Contact us on-line or call us at 1-888-777-7098 to schedule your free consultation in the convenience of your home or at one of our five offices located in Doylestown, Allentown, Bethlehem, Easton and Stroudsburg.