As the holiday season ramps up, cybersecurity experts are warning shoppers in Northwest Georgia and across the country to be cautious when using QR codes. While the codes have become a convenient part of everyday life—used for menus, payments, package tracking, and event check-ins—they are also becoming a growing target for scammers.

Security analysts say bad actors are increasingly placing fake QR codes over legitimate ones in public places. When scanned, these altered codes can redirect users to malicious websites, trick them into entering passwords, or even download harmful software onto their phones. The risk rises during the holidays when more people are shopping, traveling, and rushing through crowded stores and parking areas.

This type of scam, known as “quishing,” is becoming more common. Data shows that most QR code users do not verify the link before opening it, making it easier for criminals to take advantage of distracted consumers. Experts recommend previewing the URL that pops up before clicking, checking for misspellings or unusual web addresses, and avoiding QR codes that appear to be taped over or placed on top of existing signs.

They also advise keeping phones updated with the latest security patches to reduce vulnerability to malware. As QR codes continue to grow in popularity, cybersecurity professionals say awareness is the most effective defense. Simple caution—like double-checking a link—can prevent a scam from ruining the holiday season.