QR code email scam targets employee reviews

We received an email that looks for illustration an charismatic HR announcement astir a capacity review. It mentions salary updates, benefits and a deadline. There is besides a QR codification to entree your file.

The connection claims to travel from an soul HR office. Instead, it pushes america to scan a QR codification to entree your appraisal. That setup is simply a classical phishing move. In galore cases, these scams effort to move you disconnected your computer and onto your phone, wherever it is harder to verify links.

So, let's break down what stands retired and why this connection should perfectly not beryllium trusted.

Sign up for my FREE CyberGuy Report

• Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox.
• For simple, real-world ways to spot scams early and enactment protected, sojourn CyberGuy.com - trusted by millions who watch CyberGuy connected TV daily.
• Plus, you'll get instant entree to my Ultimate Scam Survival Guide free erstwhile you join.

FAKE TRAFFIC VIOLATION TEXT SCAM USES QR CODES TO STEAL PAYMENT INFO

A clone HR capacity reappraisal email uses a QR codification to push labor toward a phishing page designed to bargain login details. (Kurt "Cyberguy" Knutsson)

QR codification email scam reddish flags you should notice

This email is built to consciousness regular and urgent astatine nan aforesaid time. Take a person look, and nan reddish flags commencement to adhd up.

Red emblem #1: The sender's email does not lucifer nan company's

The connection shows "CyberGuy" arsenic nan sender. The existent email reside is [email protected]. That domain has thing to do pinch nan marque it claims to represent. This is 1 of nan biggest informing signs. Legitimate companies nonstop HR notices from their ain domain. If nan domain looks unrelated, dainty it arsenic suspicious correct away. 

Red emblem #2: The email creates urgency pinch a deadline

The email says you must enactment by May 15, 2026. Deadlines push group to respond fast. Scammers trust connected that pressure, truthful you skip basal checks. Real HR systems do usage deadlines. The quality is really they present them. They do not trust connected a random email pinch a QR code.

Red emblem #3: The QR codification is nan main telephone to action

The connection tells you to scan a QR codification to entree your file. That is simply a newer phishing maneuver called "quishing."

Why it matters:

• QR codes hide nan destination link
• Your telephone whitethorn not show nan afloat URL clearly
• Security devices connected your machine cannot inspect it

Most companies will nonstop a nonstop nexus aliases inquire you to log successful done a known portal. They do not unit QR-only entree for thing arsenic delicate arsenic compensation details.

Red emblem #4: The greeting is generic alternatively of personal

The email starts pinch "Dear Techtips." It looks for illustration a mailing database aliases placeholder. Legitimate HR messages usually reside you by your afloat name. They often see employee-specific specifications that scammers cannot easy fake.

Red emblem #5: The email uses vague HR strategy language

The email mentions a "secure HR entree system" but ne'er names it. There is nary recognizable level for illustration Workday aliases ADP. That vagueness is intentional. It avoids giving you thing you tin verify.

Red emblem #6: The branding looks existent yet feels off

There is simply a Microsoft logo successful nan message. That does not mean Microsoft sent it. Logos are easy to copy. The layout tries to mimic a firm notice. Still, nan formatting feels generic. Real soul emails usually travel a accordant institution template you person seen before.

Red emblem #7: The high-importance emblem adds pressure

The connection is marked arsenic precocious importance. That ocular cue pushes urgency again. Scammers stack these signals truthful you consciousness for illustration you cannot disregard nan message.

Red emblem #8: The instructions bypass normal login habits

Instead of telling you to log into your HR portal, nan email asks you to scan and entree a record directly. That isn’t really delicate worker information is handled. Companies want you wrong a unafraid login system, not opening a record from a QR code.

FBI WARNS OF QR CODE SCAM DISGUISED IN MYSTERY PACKAGES

QR codification phishing scams tin hide suspicious links, making it harder for users to verify nan destination earlier opening it. (Hispanolistic/Getty Images)

Why QR codification phishing scams are increasing fast

QR codes consciousness safe because we spot them everywhere. Restaurants usage them. Airlines usage them. That familiarity lowers your guard. Scammers return advantage of that trust.

They embed malicious links wrong codes truthful you cannot preview them easily. Once you scan, you whitethorn onshore connected a clone login page that looks real. From there, it is simply a speedy way to stolen credentials.

What happens if you scan a malicious QR code

If nan QR codification leads to a phishing page, a fewer things tin happen:

• You participate your login specifications and manus them over
• Malware downloads silently to your device
• The page asks for much individual information

In immoderate cases, attackers usage nan stolen login to entree institution systems aliases your email account. That tin lead to much attacks against your contacts.

Ways to enactment safe from QR codification email scams

These scams trust connected velocity and distraction. Slow things down, and a fewer elemental checks tin protect your data.

1) Do not scan unexpected QR codes

If an email pushes you to scan a code, pause. Go to nan charismatic website yourself alternatively of utilizing nan code. 

2) Check nan sender's domain carefully

Look past nan show name. Verify nan afloat email address. If it does not lucifer nan company, do not spot it.

3) Use your normal login path

Access HR systems by typing nan URL you already cognize aliases utilizing a saved bookmark. Avoid links and codes successful emails.

4) Watch for generic greetings

Messages that debar your existent sanction should raise suspicion. That is often a motion of wide phishing.

BE AWARE OF EXTORTION SCAM EMAILS CLAIMING YOUR DATA IS STOLEN

Employees should entree HR systems done charismatic portals alternatively of scanning QR codes aliases clicking links successful unexpected emails. (gpointstudio via Getty Images)

5) Confirm pinch your company

If thing feels off, inquire your HR squad directly. Use a known interaction method, not nan 1 successful nan email.

6) Use beardown antivirus software

Strong antivirus package tin artifact malicious links, emblem phishing pages and extremity malware earlier it installs. Get my picks for nan champion 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices astatine Cyberguy.com

7) Consider a information removal service

Scammers often usage individual information recovered online to make emails consciousness much convincing. A information removal work tin trim your vulnerability by removing your accusation from agent sites. Check retired my apical picks for information removal services and get a free scan to find retired if your individual accusation is already retired connected nan web by visiting Cyberguy.com 

8) Keep your devices and apps updated

Security updates spot known vulnerabilities. Turn connected automatic updates truthful you are ever protected.

9) Enable two-factor authentication

Even if your login gets stolen, a 2nd verification measurement for illustration two-factor authentication (2FA) tin extremity attackers from getting into your account.

Join CyberGuy Live: Lock Down Your Phone successful 30 Minutes (Saturday, June 13, 10 americium ET)

Your telephone holds your email, passwords, photos, banking apps and individual data. In this free, unrecorded online class, Kurt nan CyberGuy will locomotion you measurement by measurement done elemental telephone information fixes you tin do successful existent time. You’ll study really to amended your privacy settings, spot nan latest telephone scams, usage trusted information devices and locomotion distant pinch a elemental checklist to enactment protected. Register here: CyberGuyLive.com  

Kurt's cardinal takeaways

Phishing emails support evolving. Today, it is simply a QR codification tied to a clone HR notice. Tomorrow, it could beryllium thing other that feels conscionable arsenic routine. The safest point to do is simple. Do not spot nan way an email gives you erstwhile delicate accusation is involved. Use your ain way instead.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

If a connection asks you to enactment accelerated pinch a QR code, would you extremity and verify it first aliases spot it because it looks familiar? Let america cognize by penning to america astatine Cyberguy.com

Sign up for my FREE CyberGuy Report

• Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox.
• For simple, real-world ways to spot scams early and enactment protected, sojourn CyberGuy.com - trusted by millions who watch CyberGuy connected TV daily.
• Plus, you'll get instant entree to my Ultimate Scam Survival Guide free erstwhile you join.

Copyright 2026 CyberGuy.com.  All authorities reserved.