AUGUSTA, Ga. (WFXG) - There’s a new PSA from the FBI. It’s about QR code scams. According to the FBI, cybercriminals are tampering with QR codes in hopes of getting your data.

You’ve probably seen a lot of QR codes and there's a reason for that. IntelliSystems CEO Kevin Wade points to the coronavirus pandemic.

“Because it provides a means of touchless type of engagement.” said Wade.

Wade says you might have even used a QR code a time or two.

“One example is going out to eat. Instead of restaurants handing out menus, you can scan the QR codes on the table and you can look at the full menu.” said Wade.

The checkerboard barcodes can be scanned using a smartphone. Then, it takes the user to a website. These QR codes got their start in Japan with the automotive industry. Now, the FBI says cybercriminals are replacing legitimate codes with malicious ones. It just happened in Texas with parking meters.

“Some criminal has replaced Austin’s QR codes and it takes you to a website that steals credit cards or withdraws money from bank accounts.” said Wade.

You can avoid becoming a victim. If you see one online or in an email, don't use it.

“What’s particularly scary about it is, if someone sends you an email with a QR code, most cyber security software out there can’t do anything with it or detect it.” said Wade.

Wade also urges you not to make payments through QR codes.

“In other words, when there’s an error with a transaction, then it gives you a QR code to complete it, avoid that.” said Wade.

Ultimately, Wade says your best bet is to always be cautious. 

“As soon as you come up with something that’s cool and nice, criminals are going to find a way to thwart it. So, you just have to take some pains to make sure you don’t get fooled.”

Wade also urges users to avoid downloading an app directly from a QR code. Instead, he suggests downloading from your device's app store instead.

  • Once you scan a QR code, check the URL to make sure it is the intended site and looks authentic. A malicious domain name may be similar to the intended URL but with typos or a misplaced letter.
  • If scanning a physical QR code, ensure the code has not been tampered with, such as with a sticker placed on top of the original code.
  • Do not download a QR code scanner app. This increases your risk of downloading malware onto your device. Most phones have a built-in scanner through the camera app.
  • If you receive a QR code that you believe to be from someone you know, reach out to them through a known number or address to verify that the code is from them.

If you believe you have been a victim of stolen funds from a tampered QR code, report the fraud to your local FBI field office. The FBI also encourages victims to report fraudulent or suspicious activities to the FBI Internet Crime Complaint Center.

Copyright 2022 WFXG. All rights reserved.