How to protect yourself from ASCII-Art QR Code Email Phishing?

Do not click any links or share personal information Block and report the sender immediately Report at cybercrime.gov.in or call 1930 Inform your bank if financial details were shared

ASCII-Art QR Code Email Phishing

Verdict: Suspicious | Risk Score: 7/10 | Severity: high

Category: UPI, Phishing

How ASCII-Art QR Code Email Phishing Works

Overview: In the ASCII-Art QR Code Email Phishing scam, cybercriminals embed QR codes constructed out of plain text characters (ASCII art) directly in email bodies. This method skilfully bypasses automated spam and phishing filters that typically scan for malicious links in standard images, making the scam harder to detect. These emails often appear as notifications from well-known banks, government offices, or popular online marketplaces, urging recipients to scan the QR for verification, offers, or account recovery. Once scanned, the code could direct users to phishing pages, steal credentials, or install remote access malware. How It Works: 1. The scammer crafts an email using ASCII text to visually depict a QR code. 2. The email claims to be from a major Indian bank, e-commerce portal, or government agency demanding urgent account verification. 3. The victim scans the QR code displayed in the email, believing it to be from a legitimate source. 4. The scan redirects either to a fake website stealing login details or triggers a malicious download. India Angle: As digital literacy increases in India, ASCII-art QR code scams target both urban professionals and small business owners who are comfortable with digital banking and e-commerce emails. These attacks are nation-wide, exploiting the trust in official-looking email notices—especially when coming from names like SBI, IRCTC, or government portals. Real Examples: - "Your UPI account has been suspended. Scan the below ASCII QR code to re-activate instantly." - "New promotional offer! Scan now to avail cashback benefits." Red Flags: 1. QR codes in emails made entirely of dots and dashes (ASCII art) 2. Claims of urgent verification or attractive offers from commonly trusted sources 3. Email sender address [ADDRESS_REDACTED] 4. Instructions to scan QR for tasks typically handled directly in official apps or websites Protective Measures: - Do not scan QR codes from email unless you are expecting it and the sender is verified - Always confirm sender legitimacy by checking the domain name - [NAME_REDACTED] in the official app or portal, never via a QR in an unsolicited email - Report suspicious emails to your IT or cybercrime helpline If Victimised: - Report the incident on cybercrime.gov.in - Quietly alert your bank and change all affected passwords - Watch for unauthorised debits or credential misuse Related Scams: - Image-based phishing emails - Invoice fraud with embedded QR codes - Fake e-commerce notifications requiring app download

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does ASCII-Art QR Code Email Phishing Target?

General public across India

Red Flags — How to Identify ASCII-Art QR Code Email Phishing

QR code drawn in ASCII text in email body
Urgency to scan QR to re-activate, claim offers, or verify account
Non-official sender domains
Unusual requests only handled in official apps

What To Do If You Encounter ASCII-Art QR Code Email Phishing

Do not click any links or share personal information
Block and report the sender immediately
Report at cybercrime.gov.in or call 1930
Inform your bank if financial details were shared

How to Report ASCII-Art QR Code Email Phishing in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What is ASCII-Art QR Code Email Phishing?: Overview: In the ASCII-Art QR Code Email Phishing scam, cybercriminals embed QR codes constructed out of plain text characters (ASCII art) directly in email bodies. This method skilfully bypasses automated spam and phishing filters that typically scan for malicious links in standard images, making the scam harder to detect. These emails often appear as notifications from well-known banks, government offices, or popular online marketplaces, urging recipients to scan the QR for verification, offer
How does ASCII-Art QR Code Email Phishing work?: Overview: In the ASCII-Art QR Code Email Phishing scam, cybercriminals embed QR codes constructed out of plain text characters (ASCII art) directly in email bodies. This method skilfully bypasses automated spam and phishing filters that typically scan for malicious links in standard images, making the scam harder to detect. These emails often appear as notifications from well-known banks, governme
How to protect yourself from ASCII-Art QR Code Email Phishing?: Do not click any links or share personal information Block and report the sender immediately Report at cybercrime.gov.in or call 1930 Inform your bank if financial details were shared
How to report ASCII-Art QR Code Email Phishing in India?: Report to cybercrime.gov.in or call 1930 (National Cyber Crime Helpline). You can also contact your local police station's cyber cell.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.