Suche
Mein Konto
Attention: Fraudsters use fake QR codes on parking meters!
New scam in Celle: Quishing – fake QR codes on parking machines lead to data theft. Police warn!
Attention: Fraudsters use fake QR codes on parking meters!
In the last few months, a new scam has been spreading in Germany: quishing. This is a perfidious variant of the well-known phishing that targets particularly gullible drivers. The police and the Lower Saxony State Criminal Police Office are sounding the alarm and urgently warning against fake QR codes that are stuck over the real QR codes on parking ticket machines. Users who think they can easily pay with their mobile phone are directed to fraudulent websites that require sensitive data to be entered. There have already been significant financial losses, reports said merkur.de.
QR codes that were pasted over were discovered in several cities, including Bad Harzburg, Goslar, Hanover and Kassel. This not only alerted the police, but also the ADAC, which also warned of this dangerous scam. “Quishing” is the term used for the misuse of QR codes in this context. Fraudsters often use well-known logos to gain users' trust and trick them into revealing their payment information, investigators said.
How does the scam work?
The principle of quishing is simple: a criminal sticks a fake QR code over the real one. Anyone who scans this will usually be redirected to a website that looks very similar to the original. The sites used require payment details to be entered, usually under the pretext of paying a fee or buying a ticket. This happens not only at parking ticket machines, but also at e-charging stations and in local public transport, such as Consumer advice center reported.
What's particularly alarming is the fact that when users scan a QR code, they often can't see where they're being directed. “Not all smartphones display the QR code information before opening,” explains a spokesman for the consumer advice center. This makes the scam even more dangerous.
Precautions and tips
- Überprüfen Sie vor dem Scannen, ob der QR-Code unversehrt ist und keine abziehbaren Sticker aufweist.
- Nutzen Sie Apps, die die Informationen des QR-Codes vor dem Öffnen anzeigen können.
- Bei verdächtigen Informationen oder Anschreiben sollten Sie den Absender direkt kontaktieren, aber nicht die im Schreiben angegebene Telefonnummer verwenden.
- Im Zweifel sollten Sie auf bargeldloses Bezahlen verzichten und stattdessen Barzahlung in Betracht ziehen.
- Betroffene sollten im Falle eines Betrugs umgehend ihre Bank informieren und Anzeige bei der Polizei erstatten.
The number of quishing incidents has increased significantly in recent months. In 2023 alone, over 8,878 such attacks were reported, an increase of 51% compared to the first eight months of the year. A detailed analysis of QR codes shows that almost 2% were classified as malicious, with most attacks aimed at stealing personal information, such as the website QR code tigers turns out.
Given this alarming development, it is urgent to keep a close eye on QR codes. Be careful, only scan codes you are confident about and be careful which website you enter your details into.