Nintendo eShop QR Code Scam: Free Credits, Prizes, and Phishing
A QR code that promises free Nintendo eShop credits, a prize, or an exclusive deal is almost certainly a scam. Here are the three forms it takes and exactly what to do if you already scanned one.
The three Nintendo eShop QR code scams
Variant 1 — Fake prize or giveaway codes. A QR code appears on social media, a Discord server, a Reddit post, or a physical flyer promising a reward like "1,000 free eShop credits" or "a free copy of [popular game]." Scanning takes you to a page that asks for your Nintendo Account login — and sometimes your credit card — to "verify your age" or "confirm your mailing address." In reality the page harvests your credentials and any payment info you enter, then disappears. Nintendo does not send unsolicited QR codes for prizes or credits through any channel.
Variant 2 — Resale-market codes already redeemed. Someone lists a Nintendo eShop gift card code on eBay, Craigslist, Facebook Marketplace, or a Discord "code trading" channel — sometimes accompanied by a QR code image of the code itself for convenience. The seller has already redeemed the code before or immediately after the sale. When the buyer tries to use it, the eShop reports the code as invalid or already used. Because Nintendo cannot reissue redeemed codes, the buyer's only recourse is a payment dispute through their bank or credit card issuer, which isn't always successful for digital goods purchased from a third party.
Variant 3 — Phishing pages that mimic the Nintendo login. Attackers build pixel-perfect copies of the Nintendo Account sign-in page and distribute QR codes pointing to them — via spam email, text messages, and fake Nintendo social media profiles. The goal is account takeover: once the attacker has your email and password, they drain your eShop balance, make purchases with any stored payment method, and may sell the account itself. The pattern mirrors the broader fake giveaway QR code scam playbook used across platforms.
Nintendo never sends QR codes for credits
This is the rule with no exceptions: Nintendo does not distribute eShop credits, game codes, or prizes through unsolicited QR codes — not by email, not by text, not through social media, and not on third-party websites. Legitimate Nintendo promotions and My Nintendo reward redemptions happen entirely within your Nintendo Account dashboard at accounts.nintendo.com or inside the eShop itself.
If a QR code requires you to log in anywhere other than the official Nintendo Account page, that login page is a fake. Check the URL carefully: the real Nintendo Account sign-in is at accounts.nintendo.com — attackers often use domains like "nintendo-rewards.com," "mynintendo-credits.net," or addresses with subtle misspellings.
The same irreversibility logic that makes gift card QR code scams so damaging applies here: eShop balances spent by an attacker cannot be refunded, and accounts compromised for long enough may be permanently banned by Nintendo for unauthorized transactions.
What to do if you already scanned
Your response depends on how much information you provided.
If you scanned but did not enter any information: You are almost certainly fine. Close the browser tab, clear your browser cache, and don't return to the page. Simply landing on a phishing page without submitting data does not compromise your account.
If you entered your Nintendo Account email and password:
- Go directly to accounts.nintendo.com on a trusted device and change your password immediately.
- Enable two-step verification if it isn't already active (Settings → Sign-in and security).
- Check your eShop purchase history and any stored payment methods for unauthorized charges.
- Change the password on your email account and any other account that shares the same password.
- Contact Nintendo Support to report the compromise and request a review of recent account activity.
If you entered payment card details: Call your bank or card issuer immediately to report potential fraud and request a new card number. Ask about disputing any charges that appear.
Report the phishing site or scammer to the FTC at reportfraud.ftc.gov and to the platform where you encountered the QR code. For a full recovery checklist, see what to do if you scanned a suspicious QR code.
Frequently asked questions
Does Nintendo ever send QR codes for free eShop credits?
No. Nintendo never sends unsolicited QR codes for free credits, game downloads, or prizes — not by email, text, or social media. Any QR code making that claim is a scam. Legitimate My Nintendo rewards are redeemed inside your Nintendo Account or the eShop directly.
I scanned a QR code for free Nintendo credits and it asked me to log in — what should I do?
If you entered your Nintendo Account credentials, go to accounts.nintendo.com immediately and change your password, then enable two-step verification. Change the password on any other account sharing those credentials, especially your email. If you entered payment details, call your bank right away. Report the incident to the FTC at reportfraud.ftc.gov.
I bought a Nintendo eShop code from a resale site and it was already redeemed — can I get my money back?
Nintendo cannot reissue redeemed codes. Dispute the charge with the payment method you used — a credit card chargeback gives you the best odds. Report the seller to the resale platform and file a complaint with the FTC at reportfraud.ftc.gov. Always buy Nintendo gift cards from official retailers to avoid this risk.
Preview a QR code's destination before you scan
QRsafer checks every QR code against multiple threat intelligence sources and tells you whether the destination is Safe, Risky, or Dangerous — before your browser opens anything. Free on iOS and Android.