Other ways to search: Events Calendar | UTHSC

SPAR – Cybersecurity Tip of the Week – QR Code Scams and the Super Bowl


If you watched the commercials during the Super Bowl last Sunday, you probably saw a QR Code bouncing on your screen. For 20 million viewers who were curious enough to scan the QR Code WITHOUT KNOWING ANYTHING ABOUT IT, the code took them to a Coinbase website. Only in the ad’s final seconds was it revealed who sponsored the commercial.

Last month, the FBI warned the public to guard against QR code scams, but 20 million people in less than a minute did two things:

  • crashed the Coinbase’s website
  • proved to scammers that the average person will fall for a scam if delivered in a way we trust

Criminals can circulate look-alike QR codes to try and trick unsuspecting users into loading up scam websites. For example, a QR code can be designed to lead you to a seemingly legitimate website from a company you trust. But in reality, the landing page has been designed to log your email address, password, or credit card information and hand it off to scammers.

QR code technology is basically a barcode. Once scanned, it will decode into a URL that if tapped, will direct the user to a webpage. To protect yourself, double-check the URL to make sure it looks authentic. Use your SPAR training to examine the URL for misspellings or wrong words. If possible, the safest thing to do is bypass the QR code itself and check out official websites through a browser. And please, don’t scan a QR code you know nothing about!