QR codes are everywhere. You have probably seen at least a dozen QR codes in the last few days. Ordering food at the airport, paying for parking, downloading an app for a flight - all made easier with QR codes. However, QR codes also make it easier for fraudsters too. When you placed that order, was it on the merchant’s page or was it a page that looked like the merchant, but was actually a man-in-the-middle attack? 

Now for the most important question - what are you doing to protect your cardholders from this threat? 

For instance, FIS SecurLock Detect with Rippleshot analyzes transactions and fraud data from across thousands of financial institutions to identify high risk cards before they see fraud. Detect can pinpoint potential common points of purchase so you can take action sooner while reducing your fraud team’s analytical work.

The FTC has been warning about QR code scams and gives tips on how to avoid them here, including these tips: 

• ​​If you see a QR code in an unexpected place, inspect the URL before you open it. If it looks like a URL you recognize, make sure it’s not spoofed — look for misspellings or a switched letter.

• Don’t scan a QR code in an email or text message you weren’t expecting — especially if it urges you to act immediately. If you think the message is legitimate, use a phone number or website you know is real to contact the company.
• Protect your phone and accounts. Update your phone's OS to protect against hackers and protect your online accounts with strong passwords and multi-factor authentication.

Want to learn more about how you can protect yourself and your customers?