Scammers Use QR and Near Field Technology (NFT) to Hack Accounts

Each year, 7-10% of Americans are victims of identity fraud. As more and more people begin to spend more time working from home, the Federal Trade Commission warns that more cybercriminals have begun targeting personally identifiable information (PII) is order to perform account takeover fraud.

Personally Identifiable Information is a hot commodity on the dark web. This information can be taken without you suspecting it and it can be used for nefarious purposes such as access to your online bank accounts and unwanted payments.

Some of the more creative ways that scammers are using include QR codes and Near Field Technology.

Quick Response Codes

QR codes are just two-dimensional barcodes like what your cashier uses at the end of the grocery line. The only difference between QR codes and the barcodes that grocery stores has been using since the 70s is that QR codes are very small and can be read by a variety of machines including your cellphone.

In China, where many former blue collar workers skipped straight over the debit card revolution, QR payments are the second most common form of payment after cash.

What’s the Scam?

Like any financial technology, this is a tool that can be used for good as well as evil. QR codes can be used to commit account takeover fraud or simple wire fraud because most codes look the same to human eyes. This means that there is no easy way to distinguish between a code that somebody shows you at the end of the grocery line and one a scammer approaches you with in a parking lot late at night.

In 2018, this is exactly what happened in the Netherlands, when a group of scammers began using social engineering to trick trusting strangers at parking lots into exchanging €5 in cash for “a quick scan of this QR code.”

Next thing the victims knew, the scammers had emptied out their bank accounts.

The reason why these codes have so much potential for abuse is because it is a relatively simple matter to tape your own code on top of an existing one and seize personal information.

How Can You Protect Yourself

As with any scam, you should alert your bank the moment you suspect foul play. You also should not scan codes in situations that seem out of the ordinary. The most important thing is to stay informed and be aware that yes, it is possible to use these codes to route you into paying somebody for something you didn’t buy or giving them a hold on an online account.

Near Field Technology

NFC technology is what allows you to pay for a meal at a restaurant by bringing your phone close to the waiter’s scanner. This technology is emerging and tightly controlled in most countries, but it is easy to see the potential for chaos that it brings.

According to Deutsche Bundesbank, a majority of payment cards from international providers are moving toward including this technology in all their debit cards.

The tightest controls that prevent scammers from abusing this technology are legal.

  1. European law requires NFT payments to go to business entities. This means that a fraudster would have to create one to access NFT payments.
  2. The limit on how much can be paid through NFT payments is €20. This minimizes the damage a scammer can do if he gets his/her hands on your information.

What’s the Scam?

It is a very minimal but very easy form of wire fraud. All the scammer has to do is bring his/her reader within four centimeters of your scanner.

The real problem is when you consider that this reach has been expanding every year. Amplifying near field technology is also possible. Researchers claimed they could extend communication between emitter and receiver to 80 cm.


Neither QR nor NFT scams are commonplace yet, but both have potential to become major problems in the future. Along with digital fintech trends like cryptocurrencies, Venmo, and Apple Pay, there are many chinks in what used to be a solid suit of armor.

There are many ways for scammers to steal your personal information and even more ways for the scammer to turn that data into money in the bank. The best things you can do to protect yourself is remain informed, report any suspicious activity on your cards immediately, and refrain from accessing sensitive data on public wifi.

Michael Zhou is a Senior VP of Business Intelligence Development and has assisted the Fortune 1000 company with expertise in the web as a whole, including ground-zero marketing efforts that benefit both consumer and vendor. He is also contributor on Esprittoday.

Get started image

Ready to get started?

Get the expert support you need

Related Articles

Armed Robbers Target Small Businesses and Home Businesses

by Team ZenBusiness, on June 05, 2024

10 Things A Small Business Can Do Today To Safeguard Against Cyber Threats

by Team ZenBusiness, on June 17, 2024

Prevent Cyber Crooks from Turning your Computer into a Zombie

by Team ZenBusiness, on June 17, 2024

Dealing With Insurance Companies After A Disaster

Team ZenBusiness, on May 20, 2024

Start Your LLC Today