Protect Yourself from Quishing or QR Code Scams

Back in December 2023 McAfee published a blog post advising how to avoid being caught out by Quishing or QR code scams.

The blog post related the story of a UK woman who had unwittingly become the victim of such an attack when parking her car.

She scanned the provided QR code with her phone but it took her to a phony parking payment site which then stole her card details.

Fortunately her bank blocked several attempted fraudulent transactions.

But that was not the end of the matter.

The scammers then contacted her directly posing as her bank and convinced her to open a new account, faciliating the theft of more than £10,000.

She had let her guard down and fallen victim to a qhishing attack or QR code scam.

Such attacks were reported by the BBC in April 2025 to have increased 14 fold in just 5 years.

Read more: QR code quishing scams up 14-fold in five years.

Useful things to know about quishing

The McAfee blog post is a really useful quick read and covers such topics as:

• What are QR codes?
• How do QR code scams work?
• What happens if I click on a phony QR code?
• Where do phony QR codes show up?
• How to avoid QR code scams.

Read more: How to Protect Yourself from Quishing or QR Code Scams.

Quick Tips for how to avoid falling victim to a quishing attack

The same blog post reported that the U.S. Better Business Bureau has published a list of steps you can take to protect yourelf.

1. Don’t open links or scan QR codes from strangers.
2. Check the link and the destination.
3. Think twice about following shortened links.
4. Watch out for tampering in physical spaces, like car park signs.
5. Avoid QR code reading apps as they can be a security risk.
6. Don’t pay bills with QR codes.

The McAfee blog post covers each step in more detail.

Key takeaway if you have got this far

The McAfee blog post closes with this useful advice:

"If something doesn’t feel right, keep your smartphone in your pocket and away from that QR code."