QR Scams are yet another type of scam being used to trick people into giving away personal, financial, or other private information.
Below is an actual QR code scam email seen recently at BC. Can you spot the five clues that indicate this is a scam? Scroll down for answers.
- Unknown Sender. It is from a BC person you do not know, or are not expecting to hear from.
- In this case, the phishing email is the result of a hacker gaining access to a Boston College email account, and using that account to send emails to Boston College email addresses found across the web.
- Sense of Urgency. It has an urgent subject, and is prompting you to act quickly.
- Poor grammar and missing punctuation.
- ITS does not send out QR codes to the community.
- Asking for Passwords. The QR code takes you to a web form with a non-BC web address, that asks for your BC Portal password. BC will NEVER ask for a password unless it is on an official BC login screen.
- IMPORTANT: Official login screens always have bc.edu before the first single, forward slash (/), for example: https://login.bc.edu/nidp/idff/sso?id=19&sid=0&option=credential&sid=0
If you receive an email you think may be a scam, please forward it to security@bc.edu.
More Resources
- Scammers hide harmful links in QR codes to steal your information (Federal Trade Commission Consumer Alert)