qr-code-crypto-scam

New crypto scam via QR code: how a user lost $500,000

March 09, 2026

Not a day without a scam: a new fraud scheme related to scanning QR codes is being discussed in the crypto community. In one case, a user lost approximately 500,000 USDT after scanning a code through a crypto wallet and confirming the transaction.

The QR code opened a malicious contract that gained access to the wallet after the signature.

How the scheme works

The user receives a QR code, supposedly for a payment or transfer. After scanning, the code opens not just a wallet address but a special payload or dApp. The wallet asks the user to confirm the transaction or sign the operation.

If the user agrees, the smart contract receives access to the assets or the right to withdraw them. The funds can then be instantly transferred to other addresses.

An important point: the QR code itself cannot withdraw money. However, it can lead to a malicious contract or dApp that asks for approve or a transaction signature. This is the moment when the wallet becomes compromised.

Why these attacks work

The main issue is that most users perceive a QR code as a normal method of quick payment. In crypto, however, it may contain not only an address but also a link to a contract or a more complex transaction.

If a person does not carefully read the transaction details in the wallet, they may effectively grant access to their assets.

Particularly dangerous are situations where QR codes are sent in chats, messengers, or on websites that look like familiar services.

How to protect yourself

The most important rule: do not sign transactions if you do not understand what exactly is happening.

It is also worth following several basic security principles:

  • do not scan QR codes from unknown sources
  • carefully check what operation the wallet asks you to sign
  • do not give approve to unclear contracts
  • use only trusted crypto services

Why it is important to use trusted services

Such attacks often start with visiting fake websites or suspicious exchangers. That is why it is important to work only with services that have a verified reputation.

For example, Kursoff collects crypto exchangers that go through verification before being added to the aggregator. This allows users to find reliable services faster and reduce the risk of interacting with fraudulent platforms.

In the crypto industry, security often depends on small details. Paying attention to what exactly you sign in your wallet can save your assets.

Other news