A scam which uses bogus QR codes on parking meters to fool people into downloading malicious software or submitting sensitive financial details to websites controlled by criminals has been identified in areas of the east coast stretching from Greystones to Malahide.
Fingal County Council has issued a warning alerting all motorists to be vigilant of the scam that has been deployed on some Pay and Display parking meters and said its staff were assessing machines and removing any bogus QR codes placed on them.
Wicklow County Council said it was aware of the QR code scam and had reported it to the Garda and deployed staff to check parking machines across Wicklow.
Payzone, which operates the cashless parking service across all Dublin local authority areas, has also engaged IT experts to work with it on taking down the fraudulent links from the QR codes.
According to reports, one woman in the Wicklow area had €1,000 taken from her bank account after falling victim to the scam.
“The council is aware that a bogus QR sticker is being placed on some machines, bringing the user to a fraudulent website which requests credit card details and other personal data,” Fingal County Council said.
It said it had reported the scam to the Garda and warned motorists “not to scan any QR codes or bar codes that may appear on Pay and Display machines. Instead, download the genuine parking app Payzone in use directly from your phones app store and use this, or pay directly by card or cash where available.”
While QR codes are not new, one council source said they were not aware of its parking meters being targeted in this fashion before.
In a warning posted on the Payzone website, it called on consumers to make sure when downloading its app to download it from trusted app stores and to make sure the app listed Payzone as the developer and to be alert to any apps with similar names or those from different developers.
The way the QR code scam operates differs depending on the location or the criminals behind the scam.
One form of the scam sees people who scan the bogus QR codes brought to websites dressed up to look like legitimate enterprises where they are asked for sensitive details. All the information including credit or debit card details is then collected by the criminals.
An alternate version sees the devices which access the QR codes infected with malware which can spy on people and steal data or even take full control of their devices and encrypt them until ransoms are paid.
Bogus QR codes can also send mails from victims’ accounts which can be used by criminals to target others.
- Sign up for push alerts and have the best news, analysis and comment delivered directly to your phone
- Join The Irish Times on WhatsApp and stay up to date
- Listen to our Inside Politics podcast for the best political chat and analysis