Brinker Simpson Logo
  • FIRM
    • Overview
    • Our Values
    • Our Culture
    • Diversity, Equity & Inclusion
    • Our Team
    • Brinker Simpson CARES
    • Client Testimonials
  • SERVICES
    • Audit and Assurance
      • Audit, Review, and Compilation Engagements
      • Agreed-Upon Procedure Engagements
    • Tax
      • Accounting Services
      • Estate and Trust
      • IRS Representation and Tax Controversies
      • Modern Family and LGBT Services
      • Private Client Services
      • State and Local
      • Tax Advisory Services
      • Tax Return Planning and Compliance
      • Tax Transaction Services
    • Client Accounting Services
      • Client Accounting
        • CFO and Controller Services
        • Accounting and Bookkeeping
      • Small Business Consulting
        • Financial Planning and Analysis
      • Transaction Advisory
        • Due Diligence
        • Post-Acquisition Services
      • Internal Control Assessments
      • Debt Covenant Compliance
    • Fraud and Forensic
      • Compliance and Internal Control Assessments
      • Economic Damages
      • Forensic Accounting
      • Fraud Investigation
      • Internal Investigation
      • Shareholder Disputes
      • White Collar Criminal Tax Defense
    • Valuation
      • Business Succession Planning
      • Business Valuations
      • Buy-Sell Agreements
      • Calculation Of Value Engagements
      • Forecasts and Projections
      • Mergers and Acquisitions
      • Quality of Earnings
      • Transaction Consulting
    • Peer Review and Quality Control Services
      • Performance of System and Engagement Peer Reviews
      • Outsourced Quality Control Review
  • INDUSTRIES
  • INSIGHTS
    • BSCO News
    • BSCO Blog
    • E-Newsletter
    • Webinars
  • CAREERS
    • Overview
    • Experienced
    • Students/Interns
    • Job Openings
    • Employee Testimonials
  • FUN
    • Virtual Content
      • Brinker Simpson Eats
      • Meet the Team Monday
      • Not Your Average Accountants
      • Employee Testimonials
  • CLIENT PORTAL
  • PAY NOW

May 24, 2023

Before You Scan a QR Code, Make Sure It’s Legitimate

Technology has made seemingly everything fast, convenient and easily accessible. This is certainly true of quick response (QR) codes, those ubiquitous symbols you can find on everything from restaurant menus to product packages to advertisements. When you scan QR codes with a smartphone, you can access prices, instructions, product information and even payment apps.

But as with most technologies, fraud perpetrators have found ways to exploit QR codes — and steal from consumers and businesses. Here’s what you need to know.

How thieves use them

Last year, the FBI issued an alert about QR code tampering. Fraudsters replace or alter QR codes so that users are directed to malicious websites or inadvertently download malware onto their devices. Such schemes enable fraudsters to access victims’ account usernames and passwords and personal and financial information.

Unfortunately, it’s very easy for criminals to create QR codes using online tools. They replace the codes of legitimate businesses with their own by, for example, placing stickers over existing codes. Such stickers have been found on menus, parking meters, signs in front of businesses and packaging of all kinds. Fraudsters might also include them in phishing emails or printed advertisements, coupons or surveys sent through the U.S. Post Office.

Foiling schemes

Preventing QR fraud is similar in many ways to foiling phishing schemes. When you’re directed to a website, scrutinize it for authenticity. Fraudulent sites often look amateurish and feature misspellings and typos. The site’s name may be similar — but not quite the same — as the site you intended to visit. If you’re suspicious, don’t type in a username, password or payment information. Leave the site immediately.

Other ways to avoid QR code traps are to:

  • Inspect physical objects for stickers or other signs the original QR codes have been replaced.
  • Be careful about scanning any QR code included in an email. Try to verify the authenticity of the email first.
  • Use only your phone’s camera to scan codes. You shouldn’t download a QR code app.
  • Don’t make payments via QR codes. Go directly to the website by typing in the URL and only use payment processing systems that encrypt your information with SSL or TLS protocols.

Businesses can help protect themselves by routinely checking online and physical sites where they’ve placed QR codes for signs of tampering. Include a message with your QR code telling customers that they should notify you if scanning your code takes them to a suspicious site.

Be on guard

Not even QR codes are safe from fraud perpetrators. As with all types of fraud, your best defense is a good offense. Look closely at QR codes before you scan them and scrutinize the sites they lead to.

Recent Post

Beyond the Fraud Risk Assessment: Managing Nuanced Threats

Beyond the Fraud Risk Assessment: Managing Nuanced Threats

Turn Business Losses Into Future Tax Savings

Turn Business Losses Into Future Tax Savings

Step-Up in Basis: A Powerful Estate Planning Tool

Step-Up in Basis: A Powerful Estate Planning Tool

Contact Our Team Today!

Back to Top

Brinker Simpson & Company, LLC
1400 N Providence Road
Rosetree Building 2, Suite 2000E
Media, PA 19063

Terms & Conditions
 
 
Privacy Policy
 
 
We accept Visa Mastercard American Express and Discover
 
610.544.5900