FBI Cautions When Using QR Codes

Share This TechTip

A few weeks ago, I wrote a TechTips article on the growing popularity of using QR codes in your marketing. It seems like QR codes are everywhere. Restaurants use them to allow you to download menus. You see them in print articles and publications, sending you to a particular website or webpage.

They are becoming quite helpful. And cybercriminals are paying attention.

A couple of recent articles have highlighted the potential danger of scanning a QR code without thinking about security and the potential for scammers to use those codes to steal information.

I recommend you read both these articles, as well as the FBI announcement.

In January, the FBI released a public service announcement highlighting how cybercriminals are tampering with QR codes and providing some suggestions for how you can protect yourself.

To recap, here is the list of steps the FBI recommends you take to protect yourself from QR code scams:

  • Once you scan a QR code, check the URL to ensure it is the intended site and looks authentic. A malicious domain name may be similar to the intended URL but with typos or a misplaced letter.
  • When entering login, personal, or financial information on a site navigated from a QR code, practice caution.
  • If scanning a physical QR code, ensure the code has not been tampered with, such as with a sticker placed on top of the original code.
  • Do not download an app from a QR code. Use your phone’s app store for a safer download.
  • If you receive an email stating a payment failed from a company you recently made a purchase with and the company says you can only complete the payment through a QR code, call the company to verify. Locate the company’s phone number through a trusted site rather than a number provided in the email.
  • Do not download a QR code scanner app. This increases your risk of downloading malware onto your device. Most phones have a built-in scanner through the camera app.
  • If you receive a QR code that you believe to be from someone you know, reach out to them through a known number or address to verify that the code is from them.
  • Avoid making payments through a site navigated from a QR code. Instead, manually enter a known and trusted URL to complete the payment.

If you believe you’ve been a victim of a QR code scam, report the fraud to your local FBI field office at The FBI also encourages victims to report fraudulent or suspicious activities to the FBI Internet Crime Complaint Center at

QR codes are a great tool that can help take some friction out of prospects and help customers quickly get the information they want. And, like many other things, a bit of caution is advised.

Steve Anderson

Steve Anderson

Often revered as the insurance industry tech guru or the Godfather of Insurtech, Steve Anderson is practically synonymous with innovation. He spent over 22 years as president of The Anderson Network – an authority on insurance agency productivity, technology, and profits – and has served on various boards and committees for IIABA and Big I NY. He’s also the author of the international best-selling book “The Bezos Letters” where he examines “14 Principals to Grow Your Business Like Amazon.”

More TechTips To Explore

Get Access to Catalyit

Subscribe To Our Newsletter

Get updates and learn from the best

Sincere Thanks to our Founding, Platinum, & Premium Solution Providers. These companies really 'get it.'

‹ Back to Blog

Forgot Password?


Solution Provider Profiles are only visible to Full Access subscribers!

Upgrade now to unlock all Catalyit content and learn more about this Solution Provider.