Fake HR performance review emails use QR codes to steal your passwords

We received an email that looked like an official HR notification regarding a performance review. It mentions fee updates, benefits, and a deadline. There is also a QR code to access your file.
The message claims to come from an internal HR office. Instead, it pushes you to scan a QR code to access your review. This setup is a classic phishing move. In most cases, these scams try to move you from your computer to your phone, where it is more difficult to verify links.
So, let’s break down what stands out and why this message should definitely not be trusted.
QR code email scam red flags you need to watch out for
This email is designed to feel routine and urgent at the same time. Look closer and the red flags start to pile up.
Red flag #1: Sender’s email doesn’t match the company’s email
The message lists “CyberGuy” as the sender. The real email address is mario@toituresphenix.com. This domain name has nothing to do with the brand it claims to represent. This is one of the biggest warning signs. Legitimate companies send HR notifications from their own domains. If the domain appears unrelated, immediately treat it as suspicious.
Red flag #2: Email creates urgency with deadline
The email states that you must take action by May 15, 2026. Deadlines push people to react quickly. Scammers rely on this pressure so that you skip basic checks. Real HR systems use deadlines too. The difference is how they deliver them. They don’t rely on a random email with a QR code.
Red flag #3: QR code is the main call to action
The message tells you to scan a QR code to access your file. This is a newer phishing tactic known as “quishing.”
Why it matters:
Most companies will send a direct link or ask you to log in through a known portal. They don’t require QR-only access for something as sensitive as compensation details.
Red flag #4: The greeting is general, not personal
The email begins with “Dear Tech Tips.” That looks like a mailing-list name or a placeholder. Legitimate HR messages often address you by your full name. They often contain employee-specific details that fraudsters cannot easily spoof.
Red flag #5: Email uses vague HR system language
The email mentions a “secure HR access system” but never names it. There is no recognizable platform like Workday or ADP. This ambiguity is intentional. It avoids giving you something you can verify.
Red flag #6: The branding looks real, but it feels off
There is a Microsoft logo in the message. This doesn’t mean Microsoft sent it. Logos are easy to copy. The layout attempts to mimic a corporate statement. Still, the formatting feels generic. Real internal emails generally follow a consistent company template you’ve seen before.
Red flag #7: High-importance flag increases pressure
The message has been marked as high importance. This visual cue adds to the urgency. Scammers stack these signals so you feel like you can’t ignore the message.
Red flag #8: Instructions bypass normal sign-in routines
Instead of telling you to log in to your HR portal, the email asks you to scan a code and access a file directly. Sensitive employee data is not handled this way. Companies want you inside a secure login system, not opening a file from a QR code.
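Several of these red flags are visible in the raw message, so a mail filter or a triage script can check for them. The following Python is an added example, not code from the article: it scores a message against red flags 1, 2, 3, 4 and 7. The function name `red_flags`, the `TRUSTED_DOMAINS` set, the employee name and the sample message are constructed assumptions; only the sender address, greeting and deadline are taken from the email described above.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAINS = {"cyberguy.com"}  # assumption: the domain your real HR mail uses

# Constructed sample modelled on the email described above, not the real message.
SAMPLE = """\
From: CyberGuy <mario@toituresphenix.com>
To: techtips@cyberguy.com
Subject: HR Notification: Performance Review
Importance: high
MIME-Version: 1.0
Content-Type: multipart/related; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Dear Tech Tips,
Scan the QR code below to access your file in the secure HR access system.
Action is required by May 15, 2026.
--b1
Content-Type: image/png; name="qr.png"
Content-Transfer-Encoding: base64

iVBORw0KGgo=
--b1--
"""

def red_flags(raw, employee_name, trusted=TRUSTED_DOMAINS):
    """Return the article's red flags that a raw RFC 5322 message trips."""
    msg = message_from_string(raw)
    _display, addr = parseaddr(msg.get("From", ""))  # ignore the display name
    parts = list(msg.walk())
    body = "".join(p.get_payload(decode=True).decode("utf-8", "replace")
                   for p in parts if p.get_content_type() == "text/plain")
    flags = []
    if addr.rpartition("@")[2].lower() not in trusted:           # red flag 1
        flags.append("sender-domain-mismatch")
    if re.search(r"\b(by|before|deadline)\b.{0,40}\b20\d\d\b", body, re.I | re.S):
        flags.append("deadline-pressure")                        # red flag 2
    has_image = any(p.get_content_maintype() == "image" for p in parts)
    if has_image and re.search(r"\bscan\b.{0,40}\bqr code", body, re.I | re.S):
        flags.append("qr-call-to-action")                        # red flag 3
    greeting = re.search(r"^\s*(?:dear|hello|hi)\s+([^,\n]+)", body, re.I | re.M)
    if greeting and employee_name.lower() not in greeting.group(1).lower():
        flags.append("generic-greeting")                         # red flag 4
    if msg.get("Importance", "").strip().lower() == "high":      # red flag 7
        flags.append("high-importance")
    return flags

if __name__ == "__main__":
    print(red_flags(SAMPLE, employee_name="Jane Doe"))
```

The check reads the address inside the angle brackets rather than the display name, which is the same habit the article recommends for a human reader.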
Why are QR code phishing scams on the rise?
QR codes feel safe because we see them everywhere. Restaurants use them. Airlines use them. This familiarity lowers your guard. Scammers take advantage of this trust.
They embed malicious links within the codes so you can’t preview them easily. After scanning, you may land on a fake login page that looks real. From there it is a quick route to stolen credentials.
What happens if you scan a malicious QR code?
If the QR code leads to a phishing page, a few things could happen:
- You enter your login information and submit it.
- Malware is silently downloaded to your device.
- The page requests more personal information.
In some cases, attackers use stolen login information to access company systems or your email account. This may lead to further attacks against your contacts.
Ways to protect yourself from QR code email scams
These scams rely on speed and distraction. Slow things down and a few simple checks can protect your data.
1) Don’t scan unexpected QR codes
If an email pushes you to scan a code, pause. Instead of using the code, go to the official website yourself.
2) Carefully check the sender’s domain name
Look beyond the display name. Verify the full email address. If it doesn’t match the company, don’t trust it.
3) Use your normal sign-in path
Access HR systems by typing the URL you already know or using a saved bookmark. Avoid links and codes in emails.
4) Pay attention to generic greetings
Messages that avoid your real name should raise suspicion. This is often a sign of mass phishing.
5) Confirm with your company
If something seems off, ask your HR team directly. Use a known method of communication, not email.
6) Use strong antivirus software
Strong antivirus software can block malicious links, flag phishing pages, and stop malware before it installs. Get my picks for the 2026 winners for the best antivirus protection for your Windows, Mac, Android, and iOS devices at: cyberguy.com
7) Consider a data removal service
Scammers often use personal data found online to make emails more believable. A data removal service can reduce your risk by removing your information from data broker sites. Check out my top picks for data removal services and run a free scan to see if your personal information is already on the internet by visiting: cyberguy.com
8) Keep your devices and apps updated
Security updates fix known vulnerabilities. Turn on automatic updates to stay protected.
9) Enable two-factor authentication
Even if your login information is stolen, a second verification step, such as two-factor authentication (2FA), can prevent attackers from breaking into your account.
Kurt’s key takeaways
Phishing emails continue to evolve. Today it’s a QR code linked to a fake HR notification. Tomorrow it might be something else that feels just as routine. The safest thing to do is simple. Don’t trust the route an email gives you when it comes to sensitive information. Instead, go there your own way.
If a message asks you to act quickly with a QR code, do you stop and verify first, or do you trust it because it looks familiar? Let us know by writing to us at cyberguy.com
Copyright 2026 CyberGuy.com. All rights reserved.




