Scammers are banking on the fact that while you've been trained to distrust links, you're far less suspicious of QR codes – we are used to scanning them without a second thought. The latest form of bank scam is "quishing" — fake QR codes sent via email or messaging apps that, when scanned, direct you to a fraudulent website engineered to steal your login credentials.

The rule is simple: never scan a QR code you weren't expecting. If a bill, parking notice, or email prompts you to scan one, verify the source independently first. SARS and several banks have already issued warnings about this scam.