As the holidays approached, Ed planned to meet some family and friends out for dinner. When the day finally came, he drove to the restaurant and parked his car in a lot nearby. Ed walked over to the pay station and noticed it had a QR code on the side of it that said, “Scan & Park”. Ed examined the machine. It looked old and had some buttons missing. He decided it would be easier to scan the QR code and pay for the parking digitally.
After entering his card details, email address, and phone number, he waited for a confirmation message. But the message never came. Eager to get to dinner, Ed shrugged it off and continued on his way to the restaurant. The night went swimmingly until Ed walked back to his car after the dinner. Not only did he have a parking ticket, but when he went back to the website from the QR code and examined it closely, he realized it didn’t have any details related to an official parking company.
Did you spot the red flags?
- Ed should have examined the website before entering his personal information.
- Since the pay station was functional, Ed could have paid directly through this more legitimate source, even if it took a little more time.
- If Ed looked at the QR code closely, he would have seen it didn’t have a company name or other sign of legitimacy
What you should know about this scam
QR codes can be made by anyone and stickers can be placed in public settings. Avoid scanning random QR codes before verifying the source.
Be wary of QR codes placed randomly on pay stations, especially if they don’t state any details about the website or company involved.
Some cybercriminals stick their malicious QR code over legitimate ones. Even if the sticker is from a well-known company, examine it closely for any signs of tampering.