(WXYZ) — Ahead of the 2026 Detroit Auto Show, the Michigan Attorney General's Office is issuing a variety of warnings for attendees.
According to Attorney General Dana Nessel, there are a variety of scams that people should look out for when attending the Auto Show and other large events.
Below are some details about each one.
QR code hijacking
According to the AG's office, QR codes are being hacked by criminals who are placing stickers with codes they created over real QR codes. When scanned, the fake codes direct victims to phishing websites where their financial information can be stolen.
At the Auto Show, attendees can encounter a QR code where they learn about products, share information, get rewards, discounts and more.
“A QR code in a public place can easily be tampered with, especially at large events,” Nessel said. “While enjoying the Auto Show this month, remember not to scan a code if it is on a sticker, looks like it has been replaced, or is covered up.”
Watch below: 2026 Detroit Auto Show: What are some of the auto trends we'll see this year?
Parking scams
According to the AG's office, the Detroit Auto Show is encouraging people to secure a place to park in advance, and ask for a receipt or parking ticket upon payment.
She also said to never give keys to the attendant unless there are posted valet signs and you've confirmed with the location that they offer a valet service.
Another scam, according to Attorney General Dana Nessel, involves bad actors issuing fake parking tickets, which they then use to steal your information via a fake website.
Watch below: 7 family-friendly attractions at the Detroit Auto Show beyond the cars
Common phishing and skimming scams
Nessel also said that people should be alert for phishing emails or smishing texts that may appear to be from legitimate
sources like the Auto Show or City of Detroit.
Those emails and texts may contain links to fake websites which are designed to steal your personal information or login credentials.
If people receive a suspicious email or text, they should:
- Not download any attachments in the message. Attachments may contain malware such as viruses, worms, or spyware.
- Not click links that appear in the message. Links in phishing messages direct consumers to fraudulent websites.
- Not reply to the sender. Ignore any requests from the sender and do not call any phone numbers provided in the message.
- Report it. Forward suspected phishing emails to the Anti-Phishing Working Group [links-2.govdelivery.com]. Consumers who receive a smishing text message should forward it to SPAM (7726), then report the smishing attack to the FTC
