RHC Editorial Staff: 20 September 2024 09:25
Criminal groups in Europe actively use QR code fraud (quishing) to defraud tourists. Netcraft researchers they reported that two major criminal gangs are using QR code schemes to pay for parking, spreading them across the UK and other countries.
Scammers place fake QR codes on parking meters, redirecting people to fake websites that ask for personal and bank card details. This not only leads to the theft of funds, but also threatens fines for unpaid parking.
The first sign of the new threat came in August, as British insurance company RAC warned motorists to be careful and only pay for parking using official apps or in cash. The company estimates that in the last two months since the alert was issued, more than 10,000 people have been affected by these programs.
Support RHC by purchasing the CTI Course:
Support RHC through:
The spread of this type of fraud is gradually spreading beyond the borders of Europe. Therefore, the United States and Canada are also starting to address this problem. The FBI has already warned about the threat posed by cybercriminals who use QR codes to steal funds from users.
In the UK, Scammers started with QR code stickers in central London before the scheme spread across cities such as Blackpool, Brighton, Portsmouth e Aberdeen. Scammers attribute particular importance to tourists who are unfamiliar with local parking systems.
One of the criminal syndicates masquerades as app PayByPhone. Users scan fake codes, enter their car and bank card details and the site confirms successful payment. However, in reality, the money is sent to the scammers.
According to researchers, all fraudulent sites have similar characteristics: are registered through the domain name registrar NameSilo and use the domains “.info”, “.click”, “.live” and others. Fake sites also use Cloudflare protection to mask fraudulent activity.
Robert Duncan of Netcraft notes that it is difficult for companies to protect themselves from such attacks because mobile devices are less secure than computers. However, using specialized brand protection platforms can help identify threats at an early stage.
Editorial Staff
The Red Hot Cyber editorial team is made up of a group of individuals and anonymous sources who actively collaborate by providing preview information and news on cybersecurity and IT in general.