Inspiring Business by Sharing Success

Warning after national QR code scam hits Derbyshire motorist in the pocket

Warning after national QR code scam hits Derbyshire motorist in the pocket

A QR code scam is catching out unsuspecting motorists across the country.

Fraudsters are cheating motorists out of thousands of pounds with a simple car parking move, and now a Derbyshire IT expert has warned that there is only one thing the public can do to protect themselves and their hard-earned cash. 

The scam involves criminals covering up genuine QR parking codes on car park payment signs.  The new QR code then directs the unsuspecting motorist to a scam website for payment. 

Victims are finding themselves out of pocket, in some cases to the tune of thousands of pounds, after falling foul of the clever trick and it is a scam that is reeling in even the savviest members of the community. 

Neil Shaw, director at Derbyshire based IT firm, True MSP said:

“This is the latest in a long line of scams targeting different sectors of the community. This time it is motorists who are at risk and it is easy to get duped.” 

After being directed to the fake car parking payment website, the unsuspecting motorist willingly hands over their card details and the fraud is complete. 

Tina Sheppard, from Leicestershire, was travelling to Leicester city centre on business when she was hit by the scam.   

The Derbyshire woman, who had parked her vehicle in a Leicester car park, said:

“The code looked totally genuine. I was off to a business event, and to be honest, my biggest concern was that it was dark and I wanted to get to the hotel where I was dropping my bags off safely.

"I tried to download the parking app on the car park board and it redirected me to a website instead. It looked totally genuine and after putting my card details into the site it crashed.

"I actually called my husband to help me remotely and he successfully managed to help me from home.

"The bank then contacted me to ask if I had genuinely purchased from the site, and thinking there was no issue, I said yes."

"The issue came when I input my details into the website and it timed out (I think), and then I started noticing payments coming out of my account. It started with smaller amounts of £1 and grew to around £80 thereafter. The bank was amazing and I did thankfully get all of the money back."

And she is not alone.  At the end of last year, one woman in the North East of England was reportedly scammed out of £13,000 after falling victim to the scam.   

Cyber and IT specialist, Neil Shaw of Castle Donington based True MSP, said: “QR codes are a blessing and a curse.  

"They are a fantastic way of reaching websites, apps or data quickly when used correctly but the user has no way of knowing where they are being directed until they have scanned the code, by which time it is too late.  You just can’t exercise due diligence as you would with a clear web address.” 

Offering advice to the public, he said:

“Criminals will try to manipulate you by gaining your confidence on the back of the good reputation and good will of legitimate companies – as in the case of these car park scams.

However, if you are in an open or public space where the code could have been tampered with, or if you are not 100% sure where the code has come from, be vigilant and please don’t click.” 

He adds: “In my cyber-crime workshops I demonstrate just this point.  After giving participants cyber-safety advice, I offer them a QR Code for more information.  This takes them to a dummy website that comes up with the words ‘gotcha’. It’s a light-hearted prank but has a serious message.” 

Neil says he would like to see QR codes in the public sector die out.  However, stresses that in the right situation, and correctly used behind a securely accessed password protected system, they are a great way to direct a user to information quickly. 

He said:

“If you’re in a password protected site, perhaps your bank, and you’ve already used your password to enter, then you’re pretty safe to click. 

“Unfortunately, outside of a secure site, there is only one thing that the public can do to protect themselves and their hard-earned cash from a QR code scam and that is don’t scan the code.” 

< Back