Skip to main content
    Free Tool

    Before You Scan — Understand Where That QR Code Takes You

    QR codes are links in disguise. Scammers hide bad URLs inside them. Here is how to check safely.

    3 Ways to Check a QR Code Before Scanning

    On iPhone

    Open the Camera app and point it at the QR code. iOS shows the URL as a banner first — it does not open automatically. Read the URL. If it looks wrong, do not tap.

    On Android

    Use Google Lens (built into the Camera app on most Androids). It previews the URL before opening. If your phone auto-opens links, switch to Lens for QR codes.

    Use a desktop QR decoder

    If you suspect a QR is malicious, take a photo and upload it to a decoder website like qrserver.com or qr.io on a computer. Read the URL there before deciding to visit.

    Paste the decoded URL here

    QR Code Scams You Should Know

    Parking meter QR scams

    Stickers placed over real parking meter QR codes redirect to fake payment pages that steal card info. Pay through the city app or with the meter directly.

    Restaurant menu overlays

    Fake QR stickers placed on top of real menus on tables route you to phishing pages or "tip" sites. Ask the host for the menu URL or use a paper menu.

    Gift / prize QR mailers

    A postcard arrives saying you won something — scan to claim. Almost always a phishing or malware page.

    "Verify your account" flyers

    Posted on doors or sent in mail asking you to "verify" with a QR. Real banks and utilities never do this.

    Crypto wallet QR swaps

    Some malware swaps a wallet address QR for the attacker's. Always verify wallet addresses by other means.

    When QR Codes Are Safe

    Official company packaging

    Codes printed onto sealed retail packaging are usually safe — but still check the URL preview matches the brand.

    Restaurant tables you trust

    If the QR is laser-etched or printed into the table — likely fine. Loose stickers, especially overlapping older ones — skip.

    Tickets from trusted sellers

    Tickets from Ticketmaster, AXS, the venue, or your airline app — fine. Tickets forwarded by strangers — verify the sender first.

    Your own saved QRs

    Codes you generated yourself for sharing Wi-Fi or contact info are safe.

    Skip it if...

    • It is a sticker placed over another sticker
    • It arrived in unsolicited mail
    • It promises money, prizes, or refunds
    • The decoded URL is shortened (bit.ly, tinyurl) or unfamiliar
    • It urges you to act quickly
    • It asks for payment, card details, or login info
    Want a deeper link check? Try the URL Safety Checker
    What Does This QR Code Do? — QR Code Safety Check | TekSure