Thankfully a lot of browsers already detect and block this behavior
Comment on The growing abuse of QR codes in malware and payment scams prompts FTC warning
Nollij@sopuli.xyz 9 months agoIt’s also pretty easy to disguise the malicious part. For instance, hxxp://LegitimateBusiness.com@ScamMyAss.com
(Hoping that didn’t get blocked as spam)
On many apps, that would truncate somewhere around the .com
agraves@lm.possum.city 9 months ago
phx@lemmy.ca 9 months ago
Or just legitbusiness-online-order[.]com