Gregory's ServerPublic Warning.
If you EVER, and I do mean EVER see a QR code for anything... not just some things, ANYTHING.
Treat it as a scam, do not scan it, they can easily be covered up with malicious redirects to fake sites to steal your financial details. Direct you to malware sites to try and infect your device.
Treat them all the same... as toxic, potential harmful to your identity and security.
Never trust them... EVER!!!
If you 100% must use one, do what you should be doing at any (ATM) cash machine, check for devices that have been installed by crooks. See if you can peel the code off, not just at the area around the code, but the whole sign... look for anything unusual and if you have any doubts... even if it's 1% doubt... DON'T USE IT
This isn't scaremongering, scammers and thieves are out there every day, placing fake QR codes on signs all over the place. No where is safe from them. The way to win is not to play. Don;t buy into the enshitification of everything, don;t be told that you can ONLY do it one specific way (legally they have to offer more than one way to pay for a service).
Please boost and spread the word.
Public Warning.
If you EVER, and I do mean EVER see a QR code for anything... not just some things, ANYTHING.
Treat it as a scam, do not scan it, they can easily be covered up with malicious redirects to fake sites to steal your financial details. Direct you to malware sites to try and infect your device.
@Anomnomnomaly Theft like this isn't enshittification. It's just destruction. Please let Doctorow have his day in the light for drawing out a truly horrendous business practice.
@Anomnomnomaly This is why we can't have nice things.
@Anomnomnomaly i agree that you should never scan qr codes, but i'd like to point out that if a company needs to update the url in one they'll often just put a sticker over the old one, because they don't care at all that it looks exactly like a scam. it's the same as when banks use weird 3rd party domain names for different parts of their website or emails, there's just no incentive for them to care since there's no regulations forbidding them from doing so. they're just going to continue training people to click on suspicious links (or scan qr codes) even though they look exactly like the sort of things that all the security trainings cry foul about
also if anyone uses zxing barcode scanner make sure to go into settings and uncheck "retrieve more info" so it doesn't ping the remote server when you scan a qr code
@Anomnomnomaly i agree that you should never scan qr codes, but i'd like to point out that if a company needs to update the url in one they'll often just put a sticker over the old one, because they don't care at all that it looks exactly like a scam. it's the same as when banks use weird 3rd party domain names for different parts of their website or emails, there's just no incentive for them to care since there's no regulations forbidding them from doing so. they're just going to continue training...