LAFAYETTE, La. (KLFY) — Companies use QR codes to point consumers to their apps, track packages, or view menus. Because these codes can’t be read by the human eye, they have become a way for scammers to disguise malicious links. Better Business Bureau Scam Tracker reports suggest scammers are using them to mislead consumers.

Chris Babin, with the Better Business Bureau of Acadiana, said, “The QR codes were created to make going to certain links and websites quick and if you’re doing that quickly and you’re not looking at the website or the application that it might be opening up, it could put you in a vulnerable position.”

A vulnerable position that could happen to you quickly. QR codes have become more popular as a way for businesses to add a link in the form of a small picture. It can be sent through an email, a message on social media, a text, or even through the mail.

“The problem with a QR code is you don’t see the actual link before you open it on your phone. You hover the phone over the image, and it automatically opens the link. That’s what we’re wanting to let people beware of is sometimes the link is malicious and sometimes it could download stuff onto your phone or bring you to a website that is fraudulent or could steal your information,” added Babin. 

That’s what scammers’ goal is… to steal your information. They hope you will scan the QR code right away, without taking a closer look.

Roddy Bergeron, Chief Information Security Officer with Enterprise Data Concepts, explained, “Anybody can create a QR code. Think of it as a barcode on a product. It’s the same thing. Anybody can create them. These attackers and these hackers are creating malicious websites. Sometimes, they look like real websites. It’s not like a traditional click on a website where you can actually see the website name or review it. The QR code, most of the time, you click on is already out there.”

Bergeron said these fraudulent QR codes are becoming a big issue with frequent attacks happening. Just last week, Bergeron said they had a client fall victim to this scam.

“It started off with a text message followed by that kind of QR code thing where it’s like, ‘hey go to this website and they had $500 in their PayPal account and they were like, ‘we don’t use PayPal so it kind of got them to question why, why are you sending me this, who is sending me this, and they let us know and we said, ‘this is a scam,'” added Bergeron.

The Better Business Bureau has these tips to avoid QR scams:

  • Don’t open links from strangers. If you receive an unsolicited message from a stranger, don’t scan the QR code.
  • Verify the source. If a QR code appears to come from a reputable source, it’s wise to double check.
  • Be wary of short links. If a URL-shortened link appears when you can a QR code, understand that you can’t know where the code is directing you.
  • Install a QR scanner with added security. Some antivirus companies have QR scanner apps that check the safety of a scanned link before you open it.

For more on Eye on Scams, download our Eye on Scams podcast on 10 Talks Acadiana. You can listen to it anywhere you listen to podcasts.

If you have a scam you’d like Sylvia to investigate, feel free to send an email to