Outsmart QR Code Scammers With These Tips

May 3, 2023

QR codes have become commonplace in our everyday lives. With a quick scan from a smartphone camera, they offer a fast and easy way to find additional information, access services, or process payments. However, scammers have found ways to take advantage of their popularity and use them to steal money and information.

Protect yourself and your data by understanding how QR codes work and the common ways they’re exploited. 

 Avoid QR Code Scams

QR Codes—from Bus Stops to Baseball Games 

QR (short for “Quick Response”) codes are two-dimensional barcodes made up of a unique configuration of black squares and dots. They can be scanned with your smartphone’s camera, which automatically translates the code into a message—often a website URL you can tap to open in your phone’s web browser.  

QR codes pack quite a punch when it comes to usefulness and versatility. Because such a simple technology can provide quick access to just about anything online, there are countless creative ways businesses use them. Here are a few examples you’ve likely seen:

  • Marketing and advertising: QR codes are often used in print and digital advertising to provide additional information about a product or service, or to drive traffic to a company’s website. For example, a QR code on a billboard or bus stop shelter ad might take you to a website where you can learn more about the product being promoted.
  • Payment processing: Businesses can use QR codes to send someone directly to a payment processing app or site to facilitate quick and easy mobile payment. Many restaurants and businesses began offering this as a common form of contactless payment during the COVID-19 pandemic.
  • Digital menus. Also during the pandemic, many restaurants began offering access to digital menus via QR codes displayed on their tables, in lieu of physical menus.
  • Exhibit or venue information: Many museums, galleries, or other public spaces provide visitors with QR codes, so they can access additional information about the event or the space. An art gallery, for instance, may display a QR code at the exhibit entrance that takes visitors to a website with additional details about the artwork displayed.
  • Event tickets or passes: QR codes are often displayed on physical or digital tickets for entertainment venues like concerts, sporting events, and shows. They are also used on passes to gain entry to places like museums and zoos. 

Watch Out For QR Code Scams

While the technology behind QR codes is benign, scammers and hackers have found ways to use it to their advantage. Last year, the FBI released an announcement warning the public about the rise of QR code scams 

A regular-looking QR code, for instance, might prompt someone to inadvertently download a malicious app or reveal sensitive or personal information.  Here are some examples to watch out for:

  • A physical postcard that appears to be from a legitimate company (like Amazon) offers a chance to test a new product for free and prompts the recipient to learn more by scanning a QR code. However, the QR code leads to a website set up by scammers to collect personal information—like name, address, and account details. 
  • A QR code stuck to a parking meter offers a convenient way to pay for parking. Scanning it leads to a fake payment portal that steals credit card information and deposits payments into the scammer’s bank account.
  • A QR code at a restaurant offers contactless payment. However, the legitimate QR code displayed at the table has been discretely covered up by a sticker with a fraudulent code. The fake code prompts the diner to set up an account—presumably for the restaurant’s reward program—and steals the diner’s personal information.  
  • An email that appears to be from someone’s bank asks them to log into their online bank account by scanning a QR code in the email. The QR code leads to a fake, yet legitimate-looking, login page that collects the recipient’s bank login name and password, giving the scammers access to the funds in that account. 

Protect Yourself Against QR Code Threats

QR codes can be a wonderful tool, but it’s important to remain vigilant and aware of misuse.The best way insureds can protect themselves and their companies is by being aware of trending threats and how to avoid them. 

According to Taras Shalay, Jencap’s Midwest Region Managing Director and cyber expert: “Develop a habit of taking a closer look at QR codes before scanning. If a QR code or a site it brings up feels or looks “off”— misspelling, formatting that doesn’t match a company’s brand, or a weird-looking URL—take a few extra minutes to confirm legitimacy before proceeding.”

The next time you see a QR code, use these tips to keep yourself and your data safe:

    1. Verify the source. Only scan QR codes from businesses you know and trust. After scanning a code, take a close look at the URL and make sure it looks authentic.
    2. Double-check physical QR codes for tampering. If the QR code looks like it’s a sticker placed on top of another QR code, don’t use it. 
    3. Only use your phone’s built-in QR code reader. Third party QR scanner apps can increase your chances of downloading malware. 
    4. Never download apps directly from a QR code. Use your phone’s app store instead. Apps available from your phone’s app store are rigorously tested and less likely to contain malware. 
    5. Don’t use QR codes sent in emails. Email security tools like URL scanners can’t identify suspicious links embedded in QR codes.
    6. Always be wary of using QR codes to make payments. 
    7. Avoid entering login details on a site navigated through a QR code—even if it’s for a company you are familiar with. It’s safest to navigate to the company’s website separately and enter your log-in information there. 

Although it’s important to proactively guard your insureds against cyber threats, adequate cyber insurance provides businesses with an additional, necessary layer of protection against the unexpected. Reach out to Jencap to speak with a cyber liability expert and get a quote today.

The Jencap Professional Lines Insurance Team

The Jencap Professional Lines Insurance Team

Whether it’s professional, management, or cyber liability, Jencap’s experienced brokers stay on top of industry trends and one step ahead of the competition, so they can offer the best guidance to you and your clients. Armed with decades of experience, Jencap’s dedicated professional lines team works tirelessly to navigate difficult risk placements, strict security control requirements, ever-changing market capacity, and unpredictable rate fluctuations.
QR Code Scams | QR Codes



Jencap Professional Lines Insurance

Navigating the New Frontiers
of Professional Lines Insurance

From EPLI to Cyber, partnering with an expert professional lines broker makes the rough road much smoother. We live in a world where risks evolve rapidly, especially for businesses. Jencap’s specialized brokers share the six biggest challenges facing the Professional Lines industry today.





Over the past few years, companies have faced a myriad of business risks — cost-cutting layoffs, supply-chain disruptions, sexual misconduct allegations, social inflation, cyber threats, and more. In our increasingly litigious society, it’s never been more important for businesses to ensure they’re protected. It’s also never been more challenging to secure reasonably-priced, comprehensive professional liability coverage. By partnering with a strong wholesale broker who focuses exclusively on professional lines, you and your clients will have the advantage, even in a hard mark.

Stay Informed

Want to receive information from Jencap on timely marketplace trends, hot new product and program launches, and valuable product expertise that will set you up to win? Sign up below to receive email communications from Jencap.

This field is for validation purposes and should be left unchanged.