Cybersecurity awareness

Think before you
scan that QR code

QR codes are convenient — but a single scan of a malicious one can compromise your device, steal your data, or empty your wallet. Here's what to know.

Do not scan this

This is a demonstration QR code. Malicious ones look identical to safe ones.

Common threats

Phishing sites

Fake websites that mimic banks, delivery services, or government portals to steal your login credentials.

Malware download

A scan can trigger an automatic app download that installs spyware or ransomware on your device.

Payment fraud

Tampered QR codes on restaurant menus or parking meters redirect payments to criminal accounts.

Location & data theft

Codes can launch apps, access contacts, or pull GPS location without obvious warning prompts.

Before you scan, check these
Preview the URL first Most phone cameras show the destination link before opening it. Read it carefully — typos like "paypa1.com" or long random strings are red flags.
Check for stickers over stickers Feel the QR code — a sticker placed on top of an original is a classic tamper method used in parking and dining scams.
Never enter credentials after scanning Legitimate services almost never require a login immediately after a QR scan. If prompted, navigate directly to the official website instead.
Be extra cautious in public spaces Airports, restaurants, hotels, and transit hubs are high-risk spots. Verify QR codes with a staff member when in doubt.
Use a QR scanner with link preview Dedicated scanner apps show you the full destination URL and warn about known malicious domains before any page loads.

QR codes are safe when used by trusted sources — but a moment of caution can prevent serious harm.
When in doubt, don't scan. Look up the service directly instead.