What can I do if my QR Code has been hijacked?

book reader icon
1 Minute
facebook logo gray
linkedin logo gray
mail logo gray
What can I do if my QR Code has been hijacked?

Check the target URL first

If you create a dynamic QR Code on our platform nobody can change the target URL except you or anyone who has access to your account. We do use SSL for secure communication, so it is very unlikely some intercepts your session and routes the user to another malicious side. There is a much higher chance that the website of where your QR Code leads to has been compromised. Make sure first that the target page is online and displays the correct content.

Check if your account credentials have been compromised

You might use your same account credentials on other platforms as well. We strongly recommend to always use a different password on each service and store your passwords in a local password manager like KeePass
Please also go to have i been pwned and enter your email. You will see all services where you have used your email and that have been compromised. You can also check if your password has been leaked on Leaked Password checker.

Account mitigation

Restore your QR Code

When you login to your account, go to the QR Code sections and look for the QR Code that you think has been hijacked. Check if the target URL points to the correct website. You will see next to the QR Code when the URL has been updated for the last time. In case the target URL was changed you can set the URL to the original one.

Change your password

If the QR Code's destination URL has been changed by an unauthorized person, go to your account settings and change the password immediately to make sure nobody else than you can access the account. Use strong passwords that have the following properties.

  • Length: At least 16 characters.
  • Complexity: Use a mix of letters (upper and lower case), numbers, and special characters.
  • Examples

    Another option is to create a memorable phrase of 4 – 7 unrelated words. This is called a passphrase. Here are 2 examples of a strong password or a password phrase:

    • H7^d9V2!qZxP@tB3wL
    • Sunlight!River-Dancing5Elephant

    Secure your account with two-factor authentication (2FA)

    To add a second layer of protection, secure your account with two-factor authentication (2FA) so you need a second device to be able to access your account.

    Check your Browser Plugins

    Make sure that your browser does not have any phishy plugins installed that might sniff your account credentials and send them to a hacker.

    Last update 2 months ago