Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Scammers Use QR Code Stickers to Target UK Motorists

    Stu Sjouwerman | Sep 27, 2024

    Scammers Using QR Code StickersNetcraft warns that scammers are posting QR code stickers on parking meters in the UK and other European countries.

    In the UK, the QR codes lead to phishing sites that impersonate the parking payment app PayByPhone. The phishing sites are designed to steal personal information and payment data.

    “Looking at British media reports, these parking QR code scams appeared to peak during the summer holiday period (June to September),” Netcraft says. "Activity is concentrated in coastal tourism locations such as Blackpool, Brighton, Portsmouth, Southampton, Conwy and Aberdeen. There are now at least 30 parking apps in the UK, varying by location—an abundance that benefits criminals. By targeting tourist destinations, threat actors can prey on tourists who need to download the parking payment apps and are searching for ways to do so.”

    The phishing pages collect complete payment card details, as well as information about vehicles. The researchers note, “This personally identifiable information (PII) could be used in future phishing attacks, for example, utilizing the threat actor’s knowledge of the victim’s vehicle, including location-based campaigns that utilize the victim’s location codes. After each form is submitted, the phishing websites submit victims’ data to the server. This maximizes the amount of information gathered, i.e., even if the victim exits the site before completing the entire process.”

    Netcraft also found evidence that the same threat actor is conducting similar scams in France, Germany, Italy and Switzerland.

    “The behaviors and characteristics of the threat actor identified through the analysis demonstrates the scale and strategic approach being used,” the researchers write.

    “Not only is this one criminal group operating across a continent, but they are also investing to evade detection and achieve continuous operation. Additionally the criminal group is likely responsible for a number of other attacks. This shows how cybercrime groups adapt and evolve their tactics and respond to opportunities that yield greater impact.”

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    Netcraft has the story.

    Topics: Phishing

    Is Your Organization Vulnerable to Quishing?

    Traditional filters often miss malicious links hidden in QR codes. Launch our Free Quishing Test for up to 100 users to identify security gaps and receive your custom Phish-prone Percentage report within 24 hours.

    Get Your Free Quishing Test

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the Founder and Executive Chairman of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog

    Posts By Topic

    View All