Unsolicited packages with QR codes pose serious fraud risk, FBI warns
NEWYou can now listen to Fox News articles!
The QR codes which were once considered as a practical shortcut to verify the menus or payment invoices have been increasingly transformed into weapons. False delivery texts, counterfeit payment links and malicious codes glued to legitimate links are all part of the modern fraud game book.
The last warning of the federal authorities shows how these tactics have passed. Criminals are now sending packages that people have never ordered. Inside these boxes is a QR code which, when digitized, can lead to stolen personal details, drained bank accounts or malware that executes silently in the background of a telephone.
Register for my free cyberguy report
Get my best technological advice, my urgent safety alerts and my exclusive offers delivered directly in your reception box. In addition, you will have instant access to my survival guide at the ultimate – free swindle when you join my Cyberguy.com Bulletin.
The scams of the QR code increase to 73% of Americans scan without checking
What you need to know about the QR code scam
The diagram is a touch of what is called a brushing scam. Traditionally, the brushing of scams involved online sellers sending products to foreigners, then using the details of the recipient to publish false criticism. It was more a nuisance than a serious crime.
An Amazon package with a QR code. (Image Group Lindsey Nicholson / UCG / Universal via Getty Images)
Now the practice has gone from free harmless items to deliberate fraud. Instead of receiving a product, many victims find only a printed QR code. Once digitized, the code redirects them to fraudulent websites that require sensitive personal information, such as banking information, credit card numbers or connection identification information. Certain codes go further and install malware designed to follow the activity and steal data directly to the device.
“The FBI prevents the public from a variation in the scam in which criminals send unlined packages containing a QR code which invites the recipient to provide personal and financial information or unintentionally download a malicious software that steals data from their phone,” said the agency in a public opinion. “To encourage the victim to scan the QR code, criminals often send the sender without information to encourage the victim to scan the QR code.”
WhatsApp prohibits 6.8 m scam accounts, launches the safety tool
Why the QR codes call on the crooks
QR codes have become common in daily life. They are used in restaurants, stores, airports, on polls and payment systems and most people scan them without a second reflection. Unlike the suspicious links that can be identified, a QR code reveals nothing until it is analyzed.
This makes it a perfect disguise for a scam. The configuration is simple: a package arrives without information from the sender and no explanation. The mystery is stretching curiosity and many people scan the code to determine who sent it. This moment of curiosity is what the crooks count on.
Taylor Swift fans come together in front of a building where a wall featuring a large QR code was painted to promote Swift’s latest album, “The Torred Poets Department”, on April 17, 2024, in Chicago. (Scott Olson / Getty Images)
The consequences can be serious. False websites can collect names, addresses and financial details. Malventy software can silently monitor the accounts, the strike journal or even target cryptocurrency wallets. Victims often do not notice before seeing unauthorized accusations or suspicious withdrawals. Until then, their information can already be in the hands of criminals.
Do not fall for this tip of banking phishing scam
7 ways to stay away from the QR code scams
The crooks rely on curiosity and convenience to encourage people to scan the malicious QR codes. Some simple habits can help you avoid becoming a target. Here are seven ways to stay away from the scams of the QR code.
1) Be careful with unsolicited QR codes and use strong antivirus software
Avoid scanning QR codes from mysteries, random leaflets or stickers on public panels. A QR code is just a disguised link, and until you know where it leads, it should not trust. To stay safe even if you accidentally scan a risky code, keep a strong antivirus software on your phone. Mobile security applications can block fraudulent sites, warn you before downloads and protect against malicious QR code attacks.
Get my choices for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices Cyberguy.com.
2) Start in sources of trust
Only digitize QR codes of companies and organizations in which you already trust. The examples include the mobile application of your bank, a shipment of boarding airlines or a payment page of the known retailer. If you do not click on a random link in a text message, do not digitize either a random QR code.
3) Overview of the links before opening
Most phones allow you to support and maintain a QR code link to preview where it goes. If the URL seems suspicious, with spelling mistakes, random numbers or shortened links, do not open it. Taking a second to check can save you from a phishing trap.
The crooks send false packages with QR codes which induce recipients in scanning and access to criminals to their personal data. (Kurt “Cyberguy” KTUSSON)
4) Limit your digital footprint
The less personal data available on you online, the more difficult it is for the crooks to target yourself with convincing fraud attempts. Consider using data deletion services that clean your information from people and marketing databases. This reduces the chances that your address or phone number is found in bad hands and is connected to a scam package.
Although no service promises to delete all your Internet data, having a deletion service is excellent if you want to constantly monitor and automate the process of deleting your information from hundreds of continuous sites over a longer period of time.
Consult my best choices for data deletion services and get a free analysis to find out if your personal information is already on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already on the web: Cyberguy.com.
5) Activate two factors authentication (2FA)
Even if your connection details are stolen, 2fa Make criminals more difficult to access your accounts. By demanding a secondary code sent to your phone or generated via an authenticator application, 2FA helps to prevent unauthorized connections to your bank accounts, e-mail and trading.
6) Keep your device up to date
Software updates often contain fixes for the security vulnerabilities that crooks are trying to exploit. The execution of the latest version of the operating system of your phone, as well as updating applications regularly, offers you stronger protection against malware that can be delivered via a malicious QR code.
7) Report a suspicious activity
If an unexpected package arrives at your door with a QR code inside, don’t just throw it away. Report to local authorities and plan to file a complaint with the FBI internet crime complaints. The reports help not only to protect you, but it also gives the police more information to follow the spread of these scams.
Click here to obtain the Fox News app
Kurt de Kurt to remember
This scam may not yet be everywhere, but it shows how criminals are adapting to new technology. QR codes were intended to make life easier, and most of the time they do it, but this same convenience can turn into weakness when people let curiosity replace caution. The lesson here is that a mystery package with a QR code is not a fun puzzle to understand. It is a red flag. The safest movement is to step back, resist the urge to scan and if something feels turned off, signal it instead of interacting with it.
Have you ever scanned a QR code without thinking twice when it could lead? Let us know by writing to Cyberguy.com.
Register for my free cyberguy report
Get my best technological advice, my urgent safety alerts and my exclusive offers delivered directly in your reception box. In addition, you will have instant access to my survival guide at the ultimate – free swindle when you join my Cyberguy.com Bulletin.
Copyright 2025 cyberguy.com. All rights reserved.
