Scammers have developed a particularly ingenious new charging station scam to trap motorists. It is so simple that it could well become widespread and claim thousands of victims.
Today, we are forced to be wary of everything, because scammers are increasing their ingenuity to trap their victims. Phishing emails and SMS messages, false login pages, fraudulent registered letters, phone calls with identity theft… It’s quite simple, each message, each link, each call must be studied with caution. Lately, fraudulent QR codes are increasing, stealing user data or installing malware on their devices. All you have to do is stick a sticker – on a menu, a poster or a flyer, for example – for thousands of people to be fooled without realizing it. The small town of Lorris, in the Loiret, had the bitter experience of this during the holidays.
On a little-used square in the village there is a charging station for electric cars. A small QR code is stuck on it, allowing drivers to land on a dedicated payment platform. Scammers had the idea of sticking a fraudulent QR code on it, which linked to a fabricated copy of the official payment site. You will have understood, by scanning the small graph, the victims paid their money to the criminals without being aware of it. Additionally, even though they were charged as a result, the terminal did not supply electricity to their car. To avoid being detected, the criminals, who have still not been identified, had the finesse to limit the amount of the withdrawals, so that they remained close to the price of a recharge.
When the deception was discovered, the service provider INEO rushed to deactivate the terminal to avoid an increase in victims – it has since been put back into service. He is currently working to strengthen the security of the device to prevent this type of situation from happening again. The worst part is that this is not the first time that this type of mishap has happened! Indeed, some of the town’s parking meters have also been hacked with fake QR codes, intended to suck money from victims, in the past. Because, let’s not forget, anything digital can be hacked!
Also, it is better to check that the QR code refers to the site to which it is supposed to link by carefully checking the URL of the page. If it does not match or contains strange elements, avoid going there, entering your personal data and making a payment. Make sure the address starts with “https://” – this indicates a secure connection – and be wary of spelling mistakes or suspicious variations in the domain name. Keep in mind that many QR Codes embedded in emails are fraudulent, and if a QR Code links to a site asking for information that doesn’t seem necessary, it’s best not to forward it. And, of course, if you see a QR code stuck on top, beware!