Beware of the new sneaky parking QR code scam
You might think you're pretty sharp when it comes to spotting online trickery, but these fraudsters are seriously upping their game with QR codes.
'
QR codes: From convenience to con
Remember when QR codes were just those funky square patterns you'd see on product packaging? Well, they've come a long way, baby. These days, they're everywhere — from restaurant menus to, you guessed it, parking meters. But while they've made our lives easier, they've also opened up a new avenue for scammers to exploit.
'
The scam in action
Picture this. You're headed to the beautiful beaches of Redondo, California . You find a spot, stroll up to the meter and see a QR code for easy payment. Convenient, right? Not so fast. In a brazen move, scammers plastered fake QR codes on about 150 parking meters along the Esplanade and Riviera Village area. These phony codes were strategically placed right next to the legitimate ParkMobile and PayByPhone labels. Talk about hiding in plain sight.
Head down the coast to San Clemente, and you'll find a similar story. One unsuspecting driver fell victim to this digital deception . He scanned what he thought was a legitimate code, only to find himself on a fraudulent website. Within minutes, his wife's credit card company was calling about unauthorized charges. Talk about a parking nightmare.
This scam isn't isolated to California. Law enforcement agencies across the country are reporting similar scams, now dubbed "quishing" (QR code phishing). These scams typically target high-traffic areas and aim to collect personal and financial information from unsuspecting victims.
How the scam works
These scammers are using QR code technology to pull off their tricks. Here's their playbook:
The fake sticker: The scammers create QR code stickers that look just like the real deal.
The lookalike URL: The crooks set up websites with names eerily similar to legitimate parking payment sites. For example, PoyByPhone instead of PayByPhone. Spot the difference? It's not easy.
The data grab: Once you're on the scammer's site, they ask for your location and payment info, just like a real parking app would.
The quick getaway: With your data in hand, the thieves start making unauthorized charges faster than you can say "parking ticket."
How to protect yourself
Before entering any information, carefully examine the web address for any irregularities or misspellings.
Whenever possible, use the official city parking app instead of scanning QR codes.
Be wary of QR codes that appear to be afterthoughts or look like they've been added on top of existing signage.
Sometimes, using coins or a credit card directly at the meter is the safest option.
Regularly update your phone's operating system and security software to protect against the latest threats.
Public Wi-Fi networks are often unsecured, making them prime hunting grounds for cybercriminals. When making parking payments, use your cellular data connection instead. Remember, it's better to use a bit more mobile data than to risk your financial information falling into the wrong hands. If you must use public Wi-Fi, consider using a VPN to encrypt your connection and protect your data from potential hackers. For best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android & iOS devices.
Ignore links sent via email, text or social media claiming to be for parking payments. Instead, manually enter the official parking website or use the city's app.
Your smartphone's built-in camera is typically sufficient for scanning QR codes. Avoid downloading third-party QR code scanning apps, which could potentially contain malware.
If you receive a QR code for payment via email, don't rush to pay. Contact the company directly through their official channels to confirm the request.
Be cautious about clicking on any links that appear in emails, texts or social media messages regarding parking payments. Scammers often use these methods to direct you to fake websites that may look legitimate but are designed to steal your personal and financial information.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices .
What to do if you've been scammed
If you think you've fallen victim to a QR code con, don't panic. Here's your action plan:
Contact your bank: Immediately call your credit card company or bank to report the fraud and freeze your accounts.
File a report: Contact your local police department.
Alert the FTC: File a complaint with the Federal Trade Commission at ftc.gov/complaint.
Monitor your credit: Keep a close eye on your credit reports for any suspicious activity.
Kurt's key takeaways
Remember, scammers are constantly evolving their tactics, but so are the good guys. By staying informed and using a healthy dose of skepticism, you can enjoy the convenience of digital payments without falling victim to these parking predators. So, the next time you're out and about looking for a parking spot, keep these tips in mind, and don't let the scammers take you for a ride.
In your opinion, how can cities better protect residents and visitors from scams like these? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you'd like us to cover
Answers to the most asked CyberGuy questions:
New from Kurt:
