Scan to Scam: The Rise of QR Code Scams

QR Codes Gain Popularity

Ever since QR codes were highly used throughout the COVID lockdown, their popularity has surged in the UK. They are now commonly used for various sufficient purposes, such as facilitating transactions like ordering food at restaurants or directing users to company websites. However, with the rise of the usage of QR codes has come with the rise of cyber frauds.

Rise of QR Codes Leads to Rise in Scams

Over the last few weeks on social media there has been continuous footage of people finding fake identified QR code stickers at car parks and paying permits around the UK. These QR codes are believed to have directed people to websites which pay to fraudulent accounts. These QR codes look legitimate as they look exactly like any ordinary QR code and tend to have discounted or special offers displayed to persuade people to give out their details and pay.

Last week, in Fylde, West Lancashire, the council had removed several fake QR code stickers which had been placed on several pay and display machines. One driver scanned one of the codes and had £1,500 taken from her account. Similarly, a few days ago in Aberdeen, police warned citizens about a new 'quishing' scam which has targeted driver's at major car park paying points.

What is QR Code Phishing?

QR code phishing/quishing is an attack that frauds use QR Codes to persuade victims into filling personal information and details into their accounts. This includes login details and debit/credit card information. The website which victims get transferred to also looks legitimate as the attackers create believable sites with branding pretending to be well known brands. This makes them harder to point out as suspicious until a transaction has taken place.

How Can You Spot Fake QR Codes?

You are more likely to witness fake QR codes displayed in open spaces like car parks and pay and display areas compared to closed spaces such as pubs and restaurants
If there are any genuine QR codes placed in open spaces they usually displayed laminated
If a QR code sticker is to be placed over a laminated QR code, chances are the laminated one underneath is the genuine one
Genuine QR codes won't give out discounted or special offers
Download the claimed app from your phones app store and/or search the claimed website on your phones browser to check if it is legitimate instead of directly scanning the QR code
Make sure the website displayed uses HTTPS rather than HTTP whilst also identifying if there are any possible spelling mistakes or errors
If something does not feel right about the QR codes and have doubts then dont share your details

What to do if you gave personal and financial information?

If you have provided financial information to a QR code scam and have lost money from a transaction then please contact your bank immediately as well as reporting it to the local police within your area

Please contact us if you want to talk about how your organisation can take the right steps now to avoid future cyber attacks: