Cookie settings

Cookies are small text files stored on your device to identify you and can be used to remember user preferences and analyse traffic to further improve our website. We may share information about your use of our site with our social media, advertising and analytics partners. By clicking "Accept all cookies", you agree to the use of all cookies as described in our cookie statement or "Accept only essential cookies" to only use cookies that are necessary for the functioning of our site.

Read our cookie statement here.

You can choose to adjust your preferences at any time.

Wholesale Banking

The dangers of scanning QR codes from email

QR or Quick Response code is an easy way to link to full content. But the issue is that you don’t know where you’re going, and it can lead to a dangerous trap set by cybercriminals.

Unfortunately, cybercriminals have found ways to exploit QR codes, using them as a tool for phishing and malware distribution. Scammers often send fraudulent emails containing QR codes, enticing recipients to scan them. Once scanned, these codes can lead to various malicious actions, such as:

  1. Fake websites: redirecting users to fake websites designed to steal personal information like usernames and passwords.
  2. Malware downloads: scanning a QR code can trigger the download of malicious software onto your device, compromising your organisation’s security and privacy.
  3. Financial fraud: scammers can use QR codes to initiate unauthorised transactions or steal funds from your digital wallets.
  4. HR scam: scammers can send you a fake “payroll” email with a QR code that takes you to a malicious website, requiring you to fill in your credentials to get a fake “salary increase, compensation modification, insurance revision etc.”

Keeping your organisation safe and secure is a top priority. This means staying alert and vigilant, whether at work or on personal devices. 

Take precautions today

Always verify the legitimacy of the source before scanning any QR code.  If you receive an email with a suspicious QR code. You can use the SLAM technique:

S: check the sender’s email address

L: verify links

A: beware of attachments

M: read the message carefully for ‘phishing’ methods urging you to take immediate action.

If you receive an email with a suspicious QR code, report it to your security department.

More content on Banking Safely