Step-by-Step Guide

How to Spot a QR Code Scam.

QR code scams (quishing) are growing rapidly because QR codes bypass email filters and are impossible to visually inspect before scanning. Scammers place fake QR codes in emails, on parking meters, in restaurants, and on public signs.

Scanned a suspicious QR code?

Enter the URL — we'll check if it leads to a legitimate or fraudulent site.

No signup · 6 detection layers · Results in seconds · Cmd+Enter

01Preview the URL before opening.

Most smartphone cameras show a URL preview when scanning a QR code. Read the URL carefully before tapping to open it. If the domain looks suspicious, doesn't match what you expect, or uses a URL shortener, don't open it.

02Watch for tampered physical QR codes.

Scammers place stickers with fake QR codes over legitimate ones on parking meters, restaurant menus, and public signs. Look for signs of tampering: stickers placed over existing codes, uneven surfaces, or codes that look different from others in the same location.

03Be cautious with QR codes in emails.

QR codes in emails bypass link scanning by email security tools. If an email from your "bank" or "employer" asks you to scan a QR code, it's likely a phishing attempt. Go to the website directly instead.

04Don't scan codes from strangers.

Be skeptical of QR codes on flyers, stickers, or messages from unknown sources. Scammers distribute malicious QR codes through fake advertisements, parking tickets, and package deliveries.

Quick checklist.

[ ]You previewed the URL before opening it

[ ]The QR code doesn't appear to be a sticker placed over another code

[ ]The URL matches the expected domain for the service

[ ]The QR code wasn't received in an unsolicited email

[ ]You verified the landing page is legitimate before entering information

Suspect Something?

Run a scan on the message you received.

Run a scan →