In plain words
If this just happened, start at the top and do each step in order. You do not need to solve everything at once.
Stay calm first
A practical, calm checklist for what to do immediately after scanning an unknown QR destination.
What the risk depends on
Risk is low if you only scanned and closed the page. Risk increases if you entered login details, payment details, installed an app, or approved a prompt.
First 5 minutes priority order
- Contain the risk: stop interaction, close suspicious pages, disconnect if needed.
- Secure exposed accounts: reset login details from trusted links and sign out unknown sessions.
- Protect payments: lock cards or contact provider if payment data may be exposed.
- Document and notify: save evidence and contact relevant support channels.
Immediate steps
- Close the page and do not interact further.
- Review browser downloads and remove unknown files.
- If you entered login details, reset that password from a known-good link.
- If you entered payment info, contact your card provider.
Priority order
- Contain: stop interaction and disconnect risky app installs.
- Secure: rotate exposed login details and sessions.
- Financial: lock cards or monitor for fraudulent payments.
- Record: keep screenshots/URLs for reporting.
Who to contact
Contact your bank if payment data was shared, your employer IT team if a work account was involved, and the venue where the QR code appeared so they can remove it.
What to monitor
- Unknown login alerts
- New payment access controls
- Password reset emails you did not request
- Unexpected app permissions or mobile profile installs
Prevention for next time
Use trusted apps or bookmarked sites for payments and account logins. Treat QR scans as untrusted links unless you can verify destination context.
Important: Fast containment beats perfect certainty. Start with reversible safety steps now.