Police warn: Avoid fake QR codes at parking meters!

Police warn: Avoid fake QR codes at parking meters!

In the last few days, a new case of fraud has been making news, which is causing unrest, particularly in northern Germany. The police are warning about fake QR codes that have been attached to parking meters. This scam, known as “quishing,” exploits the careless use of QR codes to cause unsuspecting users to lose money. Privacy advocates and IT experts recommend paying particular attention when scanning QR codes, as they are presented as a tempting possibility in various public areas.

As the Golem.de reports, quishing is a form of cybercrime in which fake QR codes are used by fraudsters to steal sensitive personal and payment information. This can be a financial stumbling block for inexperienced people, especially in busy places such as parking lots. QR codes that imitate legitimate services are often used to lure unsuspecting users to phishing websites.

How does quishing work?

Scammers simply place fake QR codes next to the original ones, and when someone scans it, it ends up on a fake website. This could, for example, offer a fake payment option where the credit card details entered are intercepted. The dangers of this scam increase the higher the frequency of visitor flows.

Security measures that can help against quishing include:

• Die URL vor dem Scannen des QR-Codes genau prüfen.
• QR-Code-Scanner zu verwenden, die eine URL-Vorschau anzeigen.
• Immer die URL manuell in den Browser einzugeben, anstatt den QR-Code zu scannen.
• Auf SSL-Zertifikate zu achten (d.h. sichere Seiten beginnen mit „https“ und zeigen ein Schloss-Symbol).
• Über Links und Domains mit Tools wie dem F-Secure Link Checker zu überprüfen.
• Bewertungen von Online-Shops in vertrauenswürdigen Bewertungsportalen zu prüfen.
• Sicherheits-Apps zu nutzen, um potenzielle Bedrohungen zu erkennen und zu blockieren.

Dangers at major events

The threat of fake QR codes is not just local. A large number of fake domains have already been registered on the occasion of the upcoming 2024 Olympic Games in Paris. Almost 200 of these “fake websites” imitated legitimate competitors in search results with names like “parisolympics2024.store” or “shop-olympics.shop.” Users who wanted to buy souvenirs or tickets there also unknowingly revealed their credit card details, which ended in a rude awakening for many. Security Insider describes the increased danger, especially during such major events, where there is too much interest and often no caution.

This makes it all the more important to keep an eye on your own online security. Anyone who scans QR codes should always do so with a healthy level of suspicion and ensure that the URL displayed is trustworthy.

It is up to us to stay alert and informed - especially at a time when the digital world is full of risks. The police and cybersecurity experts strongly recommend that you obtain detailed information before using QR codes and, if in doubt, it is better to rely on good old manual entry.