QRsafer LogoQRsafer
QR Code Charity Scams: How Fake Donation Codes Steal Your Generosity
← Back to blog

QR Code Charity Scams: How Fake Donation Codes Steal Your Generosity

After disasters strike and at fundraising events, scammers plant fake donation QR codes to steal money meant for real nonprofits. Learn how to spot a fraudulent charity QR code and verify before you give.

2026-04-19 · QRsafer Team

After a disaster strikes or a fundraiser appears in your feed, the impulse to help is immediate. Scammers know this — and they've built a category of fraud specifically around that impulse. Fake charity QR codes intercept donations before they ever reach a legitimate nonprofit, and they're particularly hard to detect because they appear in moments when you're emotionally engaged and not thinking about fraud.

How Charity QR Code Scams Work

The mechanics are simple. An attacker creates a payment page — sometimes a pixel-perfect clone of a real charity's donation portal — and attaches a QR code to it. They then distribute that code through one of three channels: street solicitations, social media posts, or physical tampering with legitimate charity materials.

When you scan and donate, your money goes to the attacker. You receive a confirmation screen. The real charity receives nothing.

What makes this effective is timing. After an earthquake, wildfire, or flood, the impulse to give is strongest, and the pace of social media is fast enough that verification feels slow. Scammers exploit both.

Three Common Variants

1. Street solicitors with QR-code donation signs

You've seen them near intersections, outside grocery stores, or at community events: someone holding a sign or clipboard with a donation QR code. Some are legitimate volunteers for registered charities. Many are not.

Unlike official fundraisers, street solicitors rarely carry verifiable credentials, and a QR code on a printed sign has no ownership trail — it could redirect anywhere. Before scanning a street-solicitation code, ask for the charity's official name, search it in the IRS Tax Exempt database, and then donate directly through that charity's website rather than via the QR code.

2. Fake disaster-relief campaigns on social media

After a high-profile disaster, fake relief campaigns appear within hours. Posts include real disaster photos, mimic the names of well-known organizations — the Red Cross, World Central Kitchen, Direct Relief — and carry QR codes linking to look-alike donation pages.

Real relief organizations post donation links from verified accounts with long histories. A newly created account sharing a QR code for "emergency relief" immediately after breaking news is a significant warning sign. The sense of urgency that floods your timeline is the scammer's most powerful tool — slow down by a few seconds and verify before giving.

3. Tampered QR codes on legitimate charity collection boxes

This variant is the most brazen: an attacker physically places a QR code sticker over the legitimate code on a charity collection box — the kind found at retail checkout counters and restaurant registers. The box is real. The cause is real. The QR code has been quietly replaced.

Before scanning any collection-box QR code, run your finger across it. A raised edge or a sticker layer that doesn't match the surrounding surface means it may have been tampered with. If something feels off, ask the business to check the box.

How to Verify a Charity Before Donating

IRS Tax Exempt Organization database

Search by name at apps.irs.gov/app/eos. Legitimate U.S. charities registered as 501(c)(3) organizations appear here. If the name doesn't turn up, stop.

Charity Navigator and Candid's GuideStar

Both services rate nonprofits on financial transparency and accountability. A 30-second search confirms you're dealing with an organization that files public disclosures and has a track record you can review.

Go directly to the official site

Type the charity's name into a search engine, navigate to the official domain, and donate there. This bypasses any QR code entirely and removes all spoofing risk.

Preview the QR destination before tapping

QRsafer shows you the URL behind any QR code before your browser loads it. A cloned donation page on a recently registered domain — the most common setup for charity fraud — flags as Risky or Dangerous before you've entered a single digit.

If You've Already Donated to a Fake Charity QR Code

  • Credit card: Contact your card issuer immediately and dispute the charge as fraud. Most issuers handle this well.
  • Peer-to-peer payment (Venmo, Zelle, Cash App): Report to the platform and your bank right away. Recovery is possible but not guaranteed — speed matters.
  • Report the scam: File at ReportFraud.ftc.gov and with your state attorney general's consumer protection office. If the scam impersonated a specific charity, report it to that organization directly so they can alert their donors.

For more context on how tax-related QR fraud works alongside charity scams, see our guide to IRS QR code scams. And if you regularly donate at in-person events, our post on QR code scams at church covers the same tactics applied in faith-community settings.

The Rule That Works Every Time

Before donating via any QR code — on a street corner, in a social media post, or on a collection box — ask yourself: can I verify this reaches the charity I intend? If not, go directly to the charity's official website instead.

The three seconds it takes to type a URL could save your donation from going to a scammer.

See also

Download QRsafer for iOS or Android to check any QR code before you give.

FAQ

How do I know if a charity QR code is legitimate?

Search the charity's name in the IRS Tax Exempt Organization database (apps.irs.gov/app/eos) and on Charity Navigator before donating. Then check the URL the QR code resolves to — it should match the charity's official domain. When in doubt, skip the QR code and donate directly through the charity's verified website.

What should I do if I donated through a fake charity QR code?

If you paid by credit card, call your card issuer immediately and dispute the charge as fraud. If you used a peer-to-peer app (Venmo, Zelle, Cash App), contact the platform and your bank right away — speed matters for peer-to-peer disputes. Then report the scam to the FTC at ReportFraud.ftc.gov and to your state attorney general's office.

Do real charities use QR codes for donations?

Yes — many legitimate nonprofits use QR codes for convenience at events and on print materials. The key is verification: a legitimate charity's QR code will point to a recognizable domain matching the organization's official website, and the organization will be listed in the IRS Tax Exempt database. Scan with QRsafer first to preview the destination URL before committing to any payment.

Are disaster-relief QR codes on social media ever real?

Some are, but verify before donating. Real relief organizations post from verified accounts with established histories. Warning signs of a fake: newly created account, urgent language, QR code leading to an unfamiliar domain, and no listing in the IRS Tax Exempt database. When in doubt, go directly to the organization's official website.