Nextdoor QR Code Scam: What It Is and What to Do

Why Nextdoor is a target

Nextdoor is built on the idea that your neighbors are trustworthy. You see real names, actual addresses, and familiar faces — which is exactly what makes it valuable to scammers. The neighborhood-trust model lowers your guard in a way that a cold email or unknown text never could. When a "neighbor" recommends a service or shares a deal, most people don't scrutinize it the way they would a stranger's message.

Attackers exploit this in two main ways: by creating fake local-business posts with QR codes, and by compromising real neighbor accounts to send urgent payment requests.

The two most common Nextdoor QR code scams

1. Fake local-business posts with "exclusive neighbor discount" QR codes. A post appears in your neighborhood feed from what looks like a local landscaper, handyman, cleaning service, or restaurant. It promotes a deal — "scan for 20% off this week only" or "QR code for our neighbor-exclusive menu." The QR code leads to a phishing page that mimics a real business site and asks you to enter your email and payment details to "claim your discount." The business may not exist at all, or the post may be impersonating a real local business. Once your card information is submitted, it goes straight to the attacker. This type of scam is closely related to the fake local listings seen on Facebook Marketplace, just in a setting where your trust level is even higher.
2. Neighbor-impersonation scams using a compromised account. A neighbor's Nextdoor account gets compromised — their password was reused from a breached site, or they fell for a phishing link. The attacker then sends a direct message to that neighbor's contacts explaining an emergency: a car breakdown, a medical bill, a lost wallet. The message includes a QR code directing you to send money quickly via Zelle, Cash App, or a fake payment portal. Because the account has a familiar name, profile photo, and verified address, most recipients trust it and send money before the real neighbor even knows their account was hacked. Real neighbors asking for emergency help in person or by phone is plausible — the same request via a Nextdoor DM with a QR code is a red flag.

Red flags to spot before you scan

• A QR code in a Nextdoor post that leads to a payment or login page. Legitimate local businesses typically link to their own website, not an unfamiliar third-party payment portal.
• Urgency or scarcity language. "This weekend only," "limited to first 10 neighbors," or "I need help right now" are pressure tactics designed to stop you from pausing to verify.
• A DM from a neighbor asking you to pay via QR code. Even if the account looks familiar, verify through a separate channel — a phone call or text to that neighbor's number — before sending any money.
• The QR code destination URL is unfamiliar. Use a QR scanner that shows you the URL before your browser opens it. If the domain doesn't match the business it claims to represent, do not proceed.
• The business has no reviews, no history, and joined Nextdoor recently. Legitimate local businesses build a track record. A brand-new account with an aggressive promotional post is suspicious.

What to do if you already scanned

What you need to do depends on what happened after you scanned:

1. If you entered credit or debit card information: Call your bank or card issuer right away to report potential fraud and request a replacement card. Ask about reversing any charges made. See our guide on QR code credit card scams for a full checklist.
2. If you sent money via Zelle, Cash App, or a peer-payment app: Contact the payment service immediately — some transfers can be recalled within a short window. File a report with your bank. Be aware that peer-to-peer payments generally offer no buyer protection.
3. If you entered an email address or created an account on an unfamiliar site: Watch for phishing emails and change passwords if you used the same one elsewhere. Enable two-factor authentication on your real accounts.
4. If you only scanned and looked — but entered nothing: You are very likely fine. Scanning a QR code alone does not install malware or compromise your accounts; the risk comes from what you do after the page loads.
5. Report the scam on Nextdoor. Use the "Report" option on the post or message to flag it for review. If the post came from a compromised neighbor's account, let that neighbor know so they can secure their account. Also file a complaint at reportfraud.ftc.gov.

If you responded to what turned out to be a fake rental listing shared on Nextdoor, see our guide on rental QR code scams for additional steps.

Frequently asked questions