Threat Alert: What to Watch For

• Scammers are creating malicious quick response (QR) codes which they are including on official looking forms in public spaces, such as on customer satisfaction surveys outside businesses or on lookalike parking tickets placed on parked cars. 
• The malicious QR codes lead to download sites for malicious third-party applications or lookalike payment websites. 
• These scams ultimately lead to the theft of funds from a victim’s bank account or theft of payment card information.

Tips to Remember (at Work and at Home)

• Treat QR codes with caution. While many of us have gotten comfortable with using QR codes, remember they can be used by attackers to direct you to dangerous websites.   Go beyond surface clues. Familiar logos, branding, and names are not automatic indicators that a flier or parking ticket is legitimate. Scammers often imitate well-known organizations, including on printed materials.
• Be cautious of unexpected application downloads. Treat any unexpected application downloads as potentially malicious. 
• Verify potential charges or fines through a known, trusted website. It can be very tempting to follow a QR code link, especially on official-seeming forms like parking tickets. But always follow known links and verify the URL of any webpage before entering credentials or payment information.