Police Cyber Security Team issues warning over rise in QR code scams

News and Info from Deeside, Flintshire, North Wales

Members of the public are being warned about the growing threat of QR code scams, also known as Quishing (QR code phishing), as cybercriminals exploit the widespread use of QR codes in daily life.

The North Wales Police (NWP) Cyber Security Team has issued an alert urging people to be extra cautious when scanning QR codes, particularly in locations such as car parks, restaurants, and public transport areas.

But fraudsters can stick their own fake QR codes over legitimate ones, tricking users into scanning them.

Instead of directing them to a trusted website, the fraudulent link takes them to a fake site designed to steal financial details or infect their device with malware.

A common example is in car parks, where criminals place fake QR codes over the real payment stickers.

Victims believe they are paying for parking, but in reality, their bank details are stolen by cybercriminals.

The NWP Cyber Security Team recommends the following precautions to protect yourself from quishing:

Look at the physical QR code you’re scanning. Has a fake QR code sticker been stuck over the original sticker? If it may have been tampered with, stay clear.
Don’t scan random QR codes in public.
Use the default QR code scanner that comes with your device. QR scanners from app stores have a poor track record for security and privacy.
Verify the address a QR is trying to send you to before opening the link.
When possible, avoid using QRs to pay, especially if the payment link leads to an unknown address. Keep in mind too, that fake websites often use similar sounding names to official ones, so check the spelling!