Are QR Codes Safe?
A QR code is only a carrier
A QR code is neither safe nor dangerous by itself; it simply points to whatever link or data it contains. That's why claiming "this QR code is safe" or "infected" is technically inaccurate.
The risk comes not from the QR code itself but from the target it points to. A QR code pointing to a malicious website is as risky as typing that link by hand; the QR merely hides the link.
For QR codes you create yourself, the risk is low because you control the content; the problem is usually codes from unknown sources.
Main risks
The most common risk is phishing: a QR code can send you to a fake login page that looks real and tries to steal your password or card details. "Quishing" (QR phishing) is a growing threat in recent years.
Other risks include redirection to malware-downloading pages, links that trigger automatic payments or transfers, and unwanted app installs. Some fake codes are placed via stickers pasted over genuine posters.
Remember that QR codes in public places (parking meters, restaurant tables, posters) may have a fake label stuck over them.
What to watch for when scanning
After scanning a QR code, always check the URL before tapping it; most phones show a preview of the link before opening. Make sure the domain matches the organization you expect.
Be cautious with shortened links (like bit.ly) because they hide the real target. Be extra careful with pages asking for login details, payment or personal data, and don't open the link if in doubt.
Physically, if a QR code has a sticker that looks pasted on afterward, avoid scanning it.
Safe generation tips
When creating your own QR codes, preferring static QR is advantageous for privacy and permanence; the content is directly inside the code and relies on no third-party redirect service. The QR code generator on this site produces static codes.
Dynamic (redirect) QR codes give the flexibility to change the target later, but depend on a service; if that service shuts down or is compromised, your code can be affected. Weigh this trade-off against your use case.
Before publishing, scan your own code to confirm it goes to the correct target.
Summary
QR codes are safe and highly practical when used with care; the danger comes not from the code but from the content behind it. Treat an unknown code with the same caution you'd use before clicking an unfamiliar link.
In short: check the URL, be wary of shortened and login-requesting links, and stay alert to physical tampering.
To safely decode a code and see what it carries, you can use the camera barcode scanner.