QR codes are everywhere — but a QR code sent by a stranger can redirect you to a phishing page or initiate a UPI payment from your account. Here is how to check any QR code before you act on it.
Why This Matters
QR codes are commonly used in payment scams because most people scan them without checking where they lead. Malicious QR codes can open phishing websites, initiate UPI collect requests, or install malware. Understanding this takes 2 minutes and can save your bank account.
Step-by-Step Guide
- 1Before scanning any QR code, ask yourself — who gave this to me and why? A stranger sending a QR code to pay YOU is always suspicious.
- 2Use a QR code scanner app that shows you the destination URL before opening it — Google Lens shows the URL before you visit it.
- 3Check the URL shown — if it is a UPI collect link (upi://pay) it means money will leave your account, not enter it.
- 4For payment QR codes in shops, verify the name on the QR matches the business you are paying before confirming.
✅ Quick Tips to Remember
- Always check the URL a QR code leads to before opening it
- UPI QR codes are for paying — never for receiving money
- If a stranger sends you a QR code to complete a payment to you, refuse
- Use Google Lens to preview QR code destinations safely
- Never scan QR codes sent in WhatsApp from people you do not know
Common Mistakes to Avoid
Scanning QR codes without checking where they lead. Entering your UPI PIN after scanning a QR code from a stranger. Assuming that because a QR code was sent by a known contact number it is safe — that number may be compromised.
⚠ Warning Signs You Are Already at Risk
- Someone sent you a QR code to receive payment from them
- You are being asked to scan and enter your PIN to complete a receipt
- A QR code was sent urgently with pressure to scan immediately
- The URL behind the QR code looks unfamiliar or suspicious