This is one way for malicious actors to feed you their data. There are many sites that change Bitcoin addresses in QR-codes. If you do this, at least process the data locally with trusted software. I only use qrencode, which is included in my Linux distribution.