Imagine receiving an unexpected package from an unknown sender, addressed to you. You open it to find a note that says “gift,” but there’s no information on who sent it. The note instructs you to scan a QR code to find out who the sender is — or to get instructions on how to return it. Is someone really sending you a gift? Or is this just a new attempt to steal your personal information?
If you’re sure it’s a legitimate gift, you might consider keeping it. But be cautious, as this surprise package could be a new scam designed to steal your personal details.
Scanning the QR code could lead you to a fraudulent website that can steal your personal information, like your credit card numbers or login credentials. It could also install malware on your phone, giving hackers access to your device.
What to do if you’ve already scanned the QR code:
- Change your passwords immediately, especially if you entered your login details (username and password) on a suspicious website. Create a strong, unique password and enable two-factor authentication.
- If you’re worried someone has access to your personal information, get a free credit report at AnnualCreditReport.com. Look for signs that someone is using your information, like unfamiliar accounts in your name. (You can get free reports weekly.)
- Review your credit card statements and bank account records for any unauthorized transactions. Consider taking additional steps to protect your identity, such as freezing your credit or setting fraud alerts on your credit report.
If you suspect identity theft, report it and get a recovery plan at IdentityTheft.gov.
Stay vigilant, and remember: if something feels off, it probably is.
