In plain words
Malicious QR Codes explained simply: what it looks like, the warning signs, and the safest next step if it happens to you.
What this is
A malicious QR code is a code that points to a harmful destination instead of a legitimate page. Because the destination is hidden until after you scan, attackers get a few seconds of trust before you can inspect anything.
How it works
- The attacker places QR stickers on posters, menus, payment terminals, or parking signs.
- You scan and land on a page that looks normal enough to keep going.
- The page asks for a login, payment, install, or urgent action.
- Your data, account, or money is captured before you notice something is off.
Why people fall for it
- Scanning is frictionless and feels routine now.
- People expect mobile pages to look simple, so fake pages blend in.
- The moment often involves urgency: parking, tickets, check-in, or payment.
Warning signs
- The page URL looks unfamiliar, is shortened, or is misspelled.
- You are asked to sign in again for a simple task.
- A payment page appears before you confirm what service you are paying for.
- The page pushes app installation from an unknown source.
Example scenario
You scan a code on a restaurant table that says "View menu." The page loads, but quickly asks you to sign in with a social account to continue. That extra login step is unnecessary for a static menu and is a strong signal to stop.
What to do if it happens
- Close the page immediately.
- If you entered login details, change that password from a known-good site.
- If you entered payment data, contact your bank or card provider.
- Report the suspicious code to the venue or organization.
How to reduce risk next time
- Preview the URL before opening whenever your phone allows it.
- Use bookmarked links for banking, email, and major services.
- Treat unexpected sign-in prompts as high risk.
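For readers who want to automate the URL preview, here is an added example (not part of the original guide) that applies the URL warning signs above to a link decoded from a QR code. The shortener list, the flag names, the `expected_domain` parameter and the sample URLs are assumptions made for this sketch.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed sample of link-shortener hosts; extend it for your own use.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}

def edit_distance(a, b):
    # Levenshtein distance, computed one row at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def review_qr_url(url, expected_domain):
    """Return warning flags for a URL decoded from a QR code.
    expected_domain (an assumption of this example) is the site the
    sign, menu or terminal claims to belong to."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    expected = expected_domain.lower()
    flags = []
    if parts.scheme != "https":
        flags.append("not-https")
    if host in SHORTENERS:
        flags.append("shortened")  # real destination stays hidden
    if is_ip(host):
        flags.append("ip-address-host")
    if "xn--" in host or not host.isascii():
        flags.append("non-ascii-host")  # possible look-alike characters
    trusted = host == expected or host.endswith("." + expected)
    if not trusted and host not in SHORTENERS:
        # Compare the host's last labels with the expected domain.
        n = expected.count(".") + 1
        tail = ".".join(host.split(".")[-n:])
        near = 0 < edit_distance(tail, expected) <= 2
        flags.append("misspelled-lookalike" if near else "unexpected-domain")
    return flags

if __name__ == "__main__":  # constructed sample URLs
    for u in ("https://bit.ly/abc123", "http://exarnple-cafe.test/pay"):
        print(u, review_qr_url(u, "example-cafe.test"))
```

An empty list only means none of these checks fired; it does not prove the page is safe.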
Quick reminder: You do not need proof that something is fake before you pause. One credible red flag is enough to stop and verify.