QR code email scam targets employee reviews

We received an email that looks similar an authoritative HR announcement astir a show review. It mentions wage updates, benefits and a deadline. There is besides a QR codification to entree your file.

The connection claims to travel from an interior HR office. Instead, it pushes america to scan a QR codification to entree your appraisal. That setup is simply a classical phishing move. In galore cases, these scams effort to determination you disconnected your machine and onto your phone, wherever it is harder to verify links.

So, let's interruption down what stands retired and wherefore this connection should perfectly not beryllium trusted.

Sign up for my FREE CyberGuy Report

• Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox.
• For simple, real-world ways to spot scams aboriginal and enactment protected, sojourn CyberGuy.com - trusted by millions who ticker CyberGuy connected TV daily.
• Plus, you'll get instant entree to my Ultimate Scam Survival Guide escaped erstwhile you join.

FAKE TRAFFIC VIOLATION TEXT SCAM USES QR CODES TO STEAL PAYMENT INFO

A fake HR show reappraisal email uses a QR codification to propulsion employees toward a phishing leafage designed to bargain login details. (Kurt "Cyberguy" Knutsson)

QR codification email scam reddish flags you should notice

This email is built to consciousness regular and urgent astatine the aforesaid time. Take a person look, and the reddish flags commencement to adhd up.

Red emblem #1: The sender's email does not lucifer the company's

The connection shows "CyberGuy" arsenic the sender. The existent email code is [email protected]. That domain has thing to bash with the marque it claims to represent. This is 1 of the biggest informing signs. Legitimate companies nonstop HR notices from their ain domain. If the domain looks unrelated, dainty it arsenic suspicious close away. 

Red emblem #2: The email creates urgency with a deadline

The email says you indispensable enactment by May 15, 2026. Deadlines propulsion radical to respond fast. Scammers trust connected that pressure, truthful you skip basal checks. Real HR systems bash usage deadlines. The quality is however they present them. They bash not trust connected a random email with a QR code.

Red emblem #3: The QR codification is the main telephone to action

The connection tells you to scan a QR codification to entree your file. That is simply a newer phishing maneuver called "quishing."

Why it matters:

• QR codes fell the destination link
• Your telephone whitethorn not amusement the afloat URL clearly
• Security tools connected your machine cannot inspect it

Most companies volition nonstop a nonstop nexus oregon inquire you to log successful done a known portal. They bash not unit QR-only entree for thing arsenic delicate arsenic compensation details.

Red emblem #4: The greeting is generic alternatively of personal

The email starts with "Dear Techtips." It looks similar a mailing database oregon placeholder. Legitimate HR messages usually code you by your afloat name. They often see employee-specific details that scammers cannot easy fake.

Red emblem #5: The email uses vague HR strategy language

The email mentions a "secure HR entree system" but ne'er names it. There is nary recognizable level similar Workday oregon ADP. That vagueness is intentional. It avoids giving you thing you tin verify.

Red emblem #6: The branding looks existent yet feels off

There is simply a Microsoft logo successful the message. That does not mean Microsoft sent it. Logos are casual to copy. The layout tries to mimic a firm notice. Still, the formatting feels generic. Real interior emails usually travel a accordant institution template you person seen before.

Red emblem #7: The high-importance emblem adds pressure

The connection is marked arsenic precocious importance. That ocular cue pushes urgency again. Scammers stack these signals truthful you consciousness similar you cannot disregard the message.

Red emblem #8: The instructions bypass mean login habits

Instead of telling you to log into your HR portal, the email asks you to scan and entree a record directly. That isn’t however delicate worker information is handled. Companies privation you wrong a unafraid login system, not opening a record from a QR code.

FBI WARNS OF QR CODE SCAM DISGUISED IN MYSTERY PACKAGES

QR codification phishing scams tin fell suspicious links, making it harder for users to verify the destination earlier opening it. (Hispanolistic/Getty Images)

Why QR codification phishing scams are increasing fast

QR codes consciousness harmless due to the fact that we spot them everywhere. Restaurants usage them. Airlines usage them. That familiarity lowers your guard. Scammers instrumentality vantage of that trust.

They embed malicious links wrong codes truthful you cannot preview them easily. Once you scan, you whitethorn onshore connected a fake login leafage that looks real. From there, it is simply a speedy way to stolen credentials.

What happens if you scan a malicious QR code

If the QR codification leads to a phishing page, a fewer things tin happen:

• You participate your login details and manus them over
• Malware downloads silently to your device
• The leafage asks for much idiosyncratic information

In immoderate cases, attackers usage the stolen login to entree institution systems oregon your email account. That tin pb to much attacks against your contacts.

Ways to enactment harmless from QR codification email scams

These scams trust connected velocity and distraction. Slow things down, and a fewer elemental checks tin support your data.

1) Do not scan unexpected QR codes

If an email pushes you to scan a code, pause. Go to the authoritative website yourself alternatively of utilizing the code. 

2) Check the sender's domain carefully

Look past the show name. Verify the afloat email address. If it does not lucifer the company, bash not spot it.

3) Use your mean login path

Access HR systems by typing the URL you already cognize oregon utilizing a saved bookmark. Avoid links and codes successful emails.

4) Watch for generic greetings

Messages that debar your existent sanction should rise suspicion. That is often a motion of wide phishing.

BE AWARE OF EXTORTION SCAM EMAILS CLAIMING YOUR DATA IS STOLEN

Employees should entree HR systems done authoritative portals alternatively of scanning QR codes oregon clicking links successful unexpected emails. (gpointstudio via Getty Images)

5) Confirm with your company

If thing feels off, inquire your HR squad directly. Use a known interaction method, not the 1 successful the email.

6) Use beardown antivirus software

Strong antivirus bundle tin artifact malicious links, emblem phishing pages and halt malware earlier it installs. Get my picks for the champion 2026 antivirus extortion winners for your Windows, Mac, Android & iOS devices astatine Cyberguy.com

7) Consider a information removal service

Scammers often usage idiosyncratic information recovered online to marque emails consciousness much convincing. A information removal work tin trim your vulnerability by removing your accusation from broker sites. Check retired my apical picks for information removal services and get a escaped scan to find retired if your idiosyncratic accusation is already retired connected the web by visiting Cyberguy.com 

8) Keep your devices and apps updated

Security updates spot known vulnerabilities. Turn connected automatic updates truthful you are ever protected.

9) Enable two-factor authentication

Even if your login gets stolen, a 2nd verification measurement similar two-factor authentication (2FA) tin halt attackers from getting into your account.

Join CyberGuy Live: Lock Down Your Phone successful 30 Minutes (Saturday, June 13, 10 americium ET)

Your telephone holds your email, passwords, photos, banking apps and idiosyncratic data. In this free, unrecorded online class, Kurt the CyberGuy volition locomotion you measurement by measurement done elemental telephone information fixes you tin bash successful existent time. You’ll larn however to amended your privateness settings, spot the latest telephone scams, usage trusted information tools and locomotion distant with a elemental checklist to enactment protected. Register here: CyberGuyLive.com  

Kurt's cardinal takeaways

Phishing emails support evolving. Today, it is simply a QR codification tied to a fake HR notice. Tomorrow, it could beryllium thing other that feels conscionable arsenic routine. The safest happening to bash is simple. Do not spot the way an email gives you erstwhile delicate accusation is involved. Use your ain way instead.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

If a connection asks you to enactment accelerated with a QR code, would you halt and verify it archetypal oregon spot it due to the fact that it looks familiar? Let america cognize by penning to america astatine Cyberguy.com

Sign up for my FREE CyberGuy Report

• Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox.
• For simple, real-world ways to spot scams aboriginal and enactment protected, sojourn CyberGuy.com - trusted by millions who ticker CyberGuy connected TV daily.
• Plus, you'll get instant entree to my Ultimate Scam Survival Guide escaped erstwhile you join.

Copyright 2026 CyberGuy.com.  All rights reserved.