Scammers use bogus QR codes on parking meters to cash in

By: Mary Beth Almond | Rochester Post | Published November 25, 2024

The FBI issued a warning that criminals are hijacking QR codes by placing stickers with codes they create over the top of the real QR code. When scanned, these malicious codes direct victims to phishing websites where they can steal personal or financial information. After checking the black QR codes on the city’s 709 parking meters, police found 20 meters had bogus QR code stickers carefully attached over the real ones.

The FBI issued a warning that criminals are hijacking QR codes by placing stickers with codes they create over the top of the real QR code. When scanned, these malicious codes direct victims to phishing websites where they can steal personal or financial information. After checking the black QR codes on the city’s 709 parking meters, police found 20 meters had bogus QR code stickers carefully attached over the real ones.

Photo by Mary Beth Almond

Advertisement

ROCHESTER — A sneaky new scam that’s draining motorists’ wallets has made its way to Rochester. 

The FBI issued a warning that criminals are hijacking QR codes by placing stickers with codes they create over the top of the real QR code. When scanned, these malicious codes direct victims to phishing websites where they can steal personal or financial information.

Rochester police Chief George Rouhib said he was recently notified by another police department in the area that had bogus QR codes on all their parking meters, so he directed his officers to check the meters in Rochester.

After checking the black QR codes on the city’s 709 parking meters, police found 20 meters had bogus QR code stickers carefully attached over the real ones.

“At first, if you click on the code, it would go to a Park Mobile site — that’s who we use for parking, so it looked legit — but you could only insert a license plate and you couldn’t do anything after that,” Rouhib said. 

“We thought maybe it was just a test, because they weren’t in just one spot, they were spread out all over the place in the city and whoever put them on took some time to put them on, they looked very nice. So the next day, you could go on and — our biggest fear — you could put your credit card there.”

Police are currently investigating the matter and trying to determine where that money is going and who set it up. 

“We did remove all the bogus ones off the meters and we’re checking them every single day to make certain that it doesn’t continue,” Rouhib said. “But this is going on, it’s probably happening in 50 different cities, so it’s a clear criminal enterprise.”

Rochester Police are working to find out who’s responsible for the fake QR codes, Rouhib said. 

“We’re safe in town here for now,” he added. “We’re on top of it.”

While there have been no issues reported at parking meters within the Oakland County Sheriff’s Office jurisdiction, OCSO Public Information Officer Steve Huber said QR codes can be posted anywhere and act as a fast pass for scammers to your bank account and other personal information. 

“We have regularly put out safety warnings about scanning QR codes as a threat to your personal information and phone,” he said.

The OCSO encourages the public to avoid scanning QR codes positioned in public places or that appear to be tampered with and says to download apps referenced with QR codes directly from the app store.

To report a concern, call the Rochester Police Department at (248) 651-9621. You can also report scams to the FBI’s Internet Crime Complaint Center.

Advertisement