FBI issues warning on QR code payments

According to the FBI, fraudulent QR codes are easy for scammers to make. In a press release, the FBI stated a `tampered code directs victims to a malicious site, which prompts them to enter login and financial information.` The fake QR codes can also contain malware which will allow “a criminal to gain access to the victim’s mobile device and steal the victim’s location, personal and financial information.” 

Malicious QR codes may also contain embedded malware, allowing a criminal to gain access to the victim's mobile device and steal the victim's location as well as personal and financial information. The cybercriminal can leverage the stolen financial information to withdraw funds from victim accounts.

While QR codes are not malicious in nature, explains the organisation in its press release, it is important to practice caution when entering financial information as well as providing payment through a site navigated to through a QR code. Law enforcement cannot guarantee the recovery of lost funds after transfer.

The FBI is advising everyone to use apps downloaded from the app store instead of scanning QR codes.