SMEX warns of risks related to scanning QR codes on Israeli leaflets

Beirut, March 13, 2026 — Israeli aircraft dropped on Friday afternoon propaganda leaflets containing QR codes urging people in Lebanon to scan them and contact the Israeli army through Facebook and WhatsApp.

SMEX urges all the residents of Lebanon to refrain from scanning these codes or accessing any links or channels mentioned in these leaflets, as they could pose a serious threat to your personal safety and security.

On the leaflets, there are two QR codes: one for a WhatsApp number and another for a Facebook page. Interacting with these codes can expose your phone number and Facebook account to Israeli intelligence units.

Second, if you access the site, it will immediately identify information about your device, including: the type of phone you are using, your screen size, network information, and—if you are connected via Wi-Fi or mobile data—your battery status and the type of browser you are using.

QR codes may contain links with tracking mechanisms and cookies, even if they simply redirect you to a social media page when clicked. These pages can store certain digital tools locally on your device to track your behavior as a user.

The page may contain JavaScript capable of tracking clicks, scrolling, and form submissions on the page you’ve landed on.

If anyone clears the code or clicks on any links: stay on the lookout for any unknown files downloaded to the device, and immediately exit the site and close the window, disable the phone’s location services, and delete cookies.

Here are some detailed tips:

  • If you reach the page after scanning the code, avoid clicking on anything or entering any personal information, and close the page or app immediately.
  • Open your browser settings and delete:
    • Browsing history.
    • Cookies.
    • Cached files.
  • Temporarily disconnect from the internet: Turn off Wi-Fi and mobile data until you finish verifying.
  • Avoid sharing or sending the QR code to others, even as an image, so that no one scans it out of curiosity or by mistake.
  • Check if anything has been downloaded to your phone or device: Check your downloads folder for any recent, strange, or unknown files (of any file type) and delete them immediately.
  • Check the list of apps on your device; if you find any unfamiliar apps or tools, delete them immediately.
  • Check your phone’s permissions: Go to your device settings and check if any unfamiliar apps have permission to access:
    • Location
    • Microphone
    • Camera
    • Contacts
  • Once finished, restart the device by turning it off and then turning it back on manually (not just by tapping the “Restart” button).
  • Ask your friends to follow the same instructions, that includes children.
  • Check your social media accounts or any notifications you’ve received or may receive in your email regarding login attempts, especially via Facebook, WhatsApp, Instagram, and Google.

Finally, for assistance with any of the steps mentioned, or if you notice any unusual behavior on your device, you may contact SMEX’s Digital Safety Helpdesk via Signal/WhatsApp: +961 81 633 133 or email: helpdesk@smex.org.

Stay safe!

For press inquiries, reach out to media@smex.org
The post SMEX warns of risks related to scanning QR codes on Israeli leaflets appeared first on SMEX.