NORTH Wales Police have received further reports of fake QR codes being placed on car parking machines and electric vehicle charging points across Conwy and Denbighshire.

They say it is probable that it will spread to other parts of North Wales too. 

Criminals often place stickers with their fake QR codes on them over the genuine QR codes. This is known as ‘quishing’ and the criminal’s fake QR code will take you to a fake website that will steal your financial and personal information.

In addition to taking your money via the fake website, criminals will also capture your bank details and possibly other sensitive information such as passwords, financial data, or personally identifiable information (PII). That information can also be used for other purposes, such as identity theft, financial fraud, or ransomware.

Acting Detective Sergeant Roheryn Evans, from the North Wales Police Cyber Crime Team, said: “Criminals are always looking to exploit any means to trick people into providing their personal data, bank details or passwords.

MOST READ

"As with all other cybercrime, consider who is asking you to click on a QR code and whether or not the originator is genuine. Never provide personal information unless it is a trusted source.”

Advice when using QR codes:

  • Always check for tampered QR codes (stickers) before scanning. Some QR codes in open spaces (like stations and car parks) could be risky.

  • If in doubt, do not scan a code and use a search engine to find the official website or app for the organisation you need to make a payment to.

  • When scanning a QR code, use the QR-scanner built into your camera, or one that comes with your phone, as opposed to using a downloaded app from an app store.

  • If you receive an email with a QR code in it, and you're asked to scan it, you should exercise caution as police are seeing an increase in these types of 'quishing' attacks.

  • You should always check your bank accounts regularly and report any suspicious activity to your bank immediately.