Is the QR Code at FedEx Office Safe to Scan?
Short answer: yes — QR codes shown on official FedEx Office equipment or presented by a staff member are safe. The danger is unsolicited texts and emails with QR codes that impersonate FedEx. Here is how to tell the two apart in seconds.
How FedEx Office actually uses QR codes
There are three situations where you will legitimately encounter a QR code at a FedEx Office location:
- Package hold pickups: When a package is held at FedEx Office for you, FedEx sends a pickup QR code to your email or the FedEx app. You show it to an associate, who scans it to confirm your identity and release the package. You do not scan anything yourself — the associate does.
- Self-service print stations: FedEx Office kiosks display QR codes on screen to wirelessly connect your phone or cloud storage for document printing. These codes are generated on FedEx-controlled hardware inside the store.
- Amazon returns: Amazon's no-box, no-label return process works at FedEx Office locations. You show the QR code from your Amazon app or a confirmation email, and an associate scans it to process the return.
In every legitimate case the QR code appears on FedEx equipment, comes from the official FedEx or Amazon app, or arrives in a message you can independently verify. You are never asked to scan a QR code from a stranger and pay a fee before entering the store.
Where the real scam risk lives: fake delivery texts and emails
FedEx is one of the most impersonated brands in phishing campaigns. Scammers send texts or emails — often looking nearly identical to a real FedEx notification — claiming your package is held at a FedEx Office, stuck in customs, or requires a small redelivery fee. The message includes a QR code to “resolve the issue.”
Scanning that QR code opens a fake FedEx page designed to steal your credit card number, name, and address. Common red flags in fake messages:
- The text or email arrives without you expecting a delivery
- The sender address is not @fedex.com — watch for addresses like fedex-delivery@gmail.com or an unfamiliar short-code text number
- The message demands payment — even a small fee of $1–3 — to release or redeliver your package
- The QR code opens a website that asks for card details rather than simply showing you a FedEx tracking page
Legitimate FedEx notifications link to FedEx.com with your tracking number. They do not require you to scan a QR code and pay before your package is available.
Three checks before you scan any FedEx-related QR code
1. Are you physically inside a FedEx Office store?
If an associate is directing you to display your QR code, or if a kiosk screen is showing you a code to connect your phone for printing, you are in the safe zone — that is normal store procedure. If the QR code arrived in an unsolicited text or email before you left home, treat it with caution.
2. Verify unexpected messages on FedEx.com or the FedEx app
If you receive an unsolicited message claiming to be from FedEx with a QR code, open a browser and go directly to FedEx.com or the official FedEx app. Enter your tracking number there. If there is a genuine issue with your delivery, it will appear — you will not need the QR code from the message.
3. Check what the QR code does before tapping
Use QRsafer to preview the URL inside any FedEx-related QR code before opening it. A legitimate FedEx destination will resolve to a fedex.com or amazon.com domain. If the preview shows an unfamiliar domain, close it and report the message.
What to do if you already scanned a suspicious FedEx QR code
- If you only opened the page and closed it without entering anything: you are almost certainly fine. Simply visiting a page does not compromise your device on modern iPhones and Android phones.
- If you entered credit or debit card details: call your card issuer immediately to flag potential fraud and request a new card number. Monitor your statements for unfamiliar charges.
- If you entered your email address and password: change that password now and enable two-factor authentication on the account. If you reuse the same password elsewhere, change it there too.
- If you are unsure what you entered: treat it as a potential credential compromise and reset your passwords as a precaution.
Report suspicious messages impersonating FedEx to abuse@fedex.com and to the FTC at reportfraud.ftc.gov.
Frequently asked questions
Is the QR code at FedEx Office safe to scan?
Yes. QR codes shown on official FedEx Office equipment or presented by a staff member — such as a package hold pickup confirmation or a self-service print kiosk — are safe. The scam risk is fake delivery texts and emails with QR codes that lead to phishing pages. If you are in the store and an associate is directing the process, you are in the safe zone.
How does FedEx Office use QR codes legitimately?
FedEx Office uses QR codes for package hold pickups (you show the code from your FedEx app or email; the associate scans it), self-service print station connections, and Amazon no-box returns. In every case the code originates from FedEx or Amazon official systems, or is generated by FedEx-controlled hardware. You are never asked to pay a fee via a QR code to complete a standard store transaction.
What does a fake FedEx QR code scam look like?
Fake FedEx messages arrive by text or email claiming your package is on hold or requires a small fee. They include a QR code that opens a convincing FedEx-lookalike page asking for payment or login credentials. Real tells: the sender is not @fedex.com, there is a fee demand, or the QR code destination is not fedex.com. If anything feels off, go directly to FedEx.com or the FedEx app and look up your tracking number — the real status will be there.
Stop guessing. Know before you scan.
QRsafer checks the destination URL against real-time threat databases the moment you point your camera — giving you a Safe, Risky, or Dangerous verdict before the page even loads. Replace your phone's default scanner and never have to manually inspect a URL again.