Loading…
Stop QR Code Scams: Quishing Checker Tool
Use the Quishing Checker Tool any time you’re scanning QR codes on posters, parking meters, restaurant menus, parcels, or emails, especially when money, logins, or personal details are involved.
QR codes are convenient, but they can also hide “quishing” (QR phishing) links that send you to fake sign-in pages, surprise downloads, or tracking-heavy redirects.
This page gives you a safer way to check before you click. Upload (or paste) a QR image and preview the real destination without opening it, so you can verify the domain, spot common red flags, and only proceed if it makes sense.
Quishing Checker (QR Code Safety Checker)
QR codes can hide shortened links, redirects, or tracking. Upload (or paste) a QR image to reveal the destination without opening it — then decide what to do next.
Privacy: your image stays on your device. This tool decodes QR codes locally in your browser.
1) Add a QR image
Drag & drop a QR image here
…or choose a file, or paste an image (Ctrl+V)
What this tool checks
- Decodes the QR content (URL or text) without opening it
- Shows the domain, protocol (HTTP/HTTPS), and key URL “red flags”
- Attempts to unwrap common redirectors/shorteners (where possible)
- Optionally removes common tracking parameters (UTM, fbclid, gclid, etc.)
2) Preview destination safely
Upload a QR image to see the decoded destination.
Nothing will open automatically — you stay in control.
Decoded content
—URL preview
—
Redirect/shortener detected:
—
We’ll try to reveal the final destination (when it’s present inside the link). If we can’t, treat it with caution.
Checks & warnings
Safer habit: type the brand’s website manually and navigate from there (instead of opening a QR link directly).
Optional online link checks (shares the URL with third parties)
These services can be useful, but they receive the link you submit. Only use them if you’re comfortable sharing it.
This QR code isn’t a web link
Some QR codes contain plain text, Wi-Fi credentials, phone numbers, or contact info. If you didn’t expect that, be cautious.
Safer QR habits (quick checklist)
Theme
QR codes can hide where a link really goes (shorteners, redirects, look-alike domains).
Action
Decode first, check the exact domain, then open only if it matches what you expected.
Outcome
Fewer surprise redirects, fewer fake login pages, less tracking — and more confidence.
Before you open a QR link
- Match the brand name: spelling, hyphens, and “extra” words matter (e.g., brand-secure-login).
- Prefer HTTPS for logins and payments (but still verify the domain).
- Be cautious with shorteners (t.co, bit.ly, tinyurl) — you can’t see the real destination at a glance.
- Avoid downloads from QR links unless you fully trust the source.
- When unsure: don’t open — search the company/venue manually instead.
QR Code Safety Checker FAQs
Does this tool upload my QR image?
No. The QR image is decoded locally in your browser. Nothing is uploaded as part of decoding.
Can this tool guarantee a QR link is safe?
No tool can guarantee safety from the URL alone. This checker helps you see where the link goes and spot common red flags before you open it.
Why do some QR links show as “shortener/redirect”?
Some QR codes use short links (like bit.ly) or redirectors. These can hide the final destination until opened. If you can’t confirm the real domain, treat it with caution.
What does “cleaned link” mean?
It removes common tracking parameters (like UTM tags and click IDs). Cleaning a link can reduce tracking, but it doesn’t change the destination domain.
What if the QR code isn’t a website?
Some QR codes contain text, Wi-Fi details, contact cards, or phone numbers. If it’s not what you expected, don’t proceed — especially in public places.
Why does HTTPS matter?
HTTPS encrypts the connection, which is important for logins and payments. But HTTPS doesn’t prove a site is legitimate — you still need to verify the domain.
Was this page helpful?
Thanks! ✅