August 19, 2024 - 1162 views
North Wales Police have received further reports of fake QR codes being placed on car parking machines and electric vehicle charging points across Conwy and Denbighshire.
This is known as ‘quishing’ and takes you to a fake website.
In addition to money being paid to this website, bank details may also be captured as well as sensitive information such as passwords, financial data, or personally identifiable information.
That information can also be used for other purposes, such as identity theft, financial fraud, or ransomware.
Acting Detective Sergeant Roheryn Evans from the North Wales Police Cyber Crime Team said: “Criminals are always looking to exploit any means to trick people into providing their personal data, bank details or passwords.
“As with all other cybercrime, consider who is asking you to click on a QR code and whether or not the originator is genuine. Never ever provide personal information unless it is a trusted source.”
Here is some advice when using QR codes:
Always check for tampered QR codes (stickers) before scanning. Some QR codes in open spaces (like stations and car parks) could be risky.
If in doubt, do not scan a code and use a search engine to find the official website or app for the organisation you need to make a payment to.
When scanning a QR code, use the QR-scanner built into your camera, or one that comes with your phone, as opposed to using a downloaded app from an app store.
If you receive an email with a QR code in it, and you're asked to scan it, you should exercise caution as we are seeing an increase in these types of 'quishing' attacks.
You should always check your bank accounts regularly and report any suspicious activity to your bank immediately.
