“You will then be able to use your mobile phone to scan the code which will allow you to continue your payment on your mobile.
“We will never send you a QR code. If you receive a QR code at any time, it’s a scam.”
Drive-by-QR code phishing
Drive-by-downloads of malware are one of the “most insidious forms” of malware infection, according to Ms Stankard.
She said: “A person must land on an infected site, and a flaw in any software they use can open the door to malware infection.
“QR code phishers take advantage of drive-by-download opportunities by sending phishing emails with QR codes that take the recipient to an infected website: one scan of the code and their mobile device may become infected with a trojan.”
QR crypto scams
While QR codes are often used to make it easier for people to download a legitimate app, they can also be used to encourage people to download malicious ones, such as crypto wallets.
Ms Stankard said: “The QR crypto-quishing scam involves capturing persistent consent (prior authorisation) to use the wallet; this allows the fraudster to drain the wallets of cryptocurrency.”
How to prevent being QR code scammed
There are a few safeguarding steps people can take to reduce the risk of falling into a QR code trap.
According to digital threat platform Aura, to spot the signs of a fraudulent restaurant QR code: “Look for signs that the QR code has been tampered with, replaced, or covered up with a phoney version” or the “QR code is located in an unusual place.”