I see people use QR codes in fundraising graphics.

Be advised that QR codes in graphics are easily replaced by bad actors, essentially giving them an opportunity to try and hijack some payments and funnel them to their own accounts.

Worst case, the original fundraiser reposts a fake graphic, thinking it’s their own.

"Imagine you are a campaign owner who has produced a graphic asking for donations, encouraging people to scan a QR code. You see someone on social media posting your graphics and encouraging to donate to your efforts. It's likely full of praise for you and your mission. It makes you happy and proud, so you republish it and thank them.

Now what if I told you that person was not actually posting your graphic, but a manipulated one with their own QR code in place of yours. So now you've repeated their version of the image to all of your own followers, essentially endorsing it and helping them in their deceptive efforts.”

Recommendation: don’t use QR-codes in graphics. Use official, verifiable web addresses.

My full article on this: https://axbom.com/qr-hijacking/