Be careful, QR code trap! Police warn of nasty scams

Be careful, QR code trap! Police warn of nasty scams

QR codes are very popular in Austria and offer numerous practical applications, but the police are urgently warning about a new scam. Criminals use fake QR codes to steal personal and financial information from unsuspecting citizens. This form of fraud, also known as “quishing,” particularly targets drivers who pay parking tickets using their smartphones, as well as bank and parcel service customers. Fraudsters cover original codes on parking machines, post office collection slips and bank documents with deceptively real forgeries.

Users who accidentally scan one of these fake QR codes will be directed to fraudulent websites and asked to enter sensitive information. According to reports, around 40 parking machines with such manipulations were discovered in Salzburg in February 2023, and there is also a risk in cities such as Linz and Styria. Drivers are particularly at risk because digital security software is often unable to detect these attacks.

Warnings and Prevention

The Chamber of Labor has recognized the problem as a nationwide phenomenon and warns urgently against the use of stuck-on QR codes. An AK expert advises not to scan these and instead use official apps for payments. In Vienna there were also reports of fake parking tickets that looked like official payment requests from the police. These fraud methods are not only limited to parking machines, but can also be found in emails and letters from banks or the Austrian Health Insurance Fund (ÖGK).

In the context of cybersecurity, it is important to emphasize that quishing is not limited to Austria. Ahead of major events, such as the 2024 Paris Olympics, cybercriminals have registered similar fake QR codes and domains to steal personal information. Security measures against quishing include checking the URL after scanning and manually entering the URL into the browser to minimize risks. Users should always critically check the origin of domains and ensure that websites are secured with “https” and a lock symbol.

Precautions for users

• Überprüfen Sie die URL nach dem Scannen mit speziellen Tools.
• Eingabe der URL manuell, anstatt den QR-Code zu scannen, wenn möglich.
• Prüfen Sie auf SSL-Zertifikate, die sichere Seiten auszeichnen.
• Nutzung von Link-Checkern zur Identifizierung potenziell gefährlicher Links.
• Überprüfen Sie die Bewertungen und die Reputation unbekannter Online-Shops.

Advancing digitalization brings not only advantages, but also new risks. It is essential that citizens remain vigilant and aware of the latest fraud methods to avoid falling victim to cybercrime. The police, as well as other institutions, remain vigilant and continue to inform about this worrying development in the digital world.

Cosmo reports that... Small newspaper informed about… and Security Insiders offers valuable tips for protecting yourself from QR code fraud.