Major warning issued over car park QR code scams amid rise in ‘quishing'
Almost £3.5 million has been lost due to QR code scams with more than 780 reports of 'quishing' made to the UK's national reporting centre for fraud and cybercrime between April 2024 and April 2025.
Also known as QR code phishing, 'quishing' is a type of cyberattack where QR codes are used to trick individuals into visiting fraudulent websites or downloading malware.
Fraudulent QR codes are most frequently used in car parks, with criminals using stickers to tamper with the scan codes already in place on parking machines.
The scam is also used on online shopping platforms, where sellers received a QR code via email to either verify accounts or to receive payment for sold items.
Some phishing attacks impersonate HMRC, or other UK government schemes, targeting people with QR codes designed to steal personal and financial details, reports show.
People are being asked to stay vigilant and double-check QR codes to see if they are malicious, or have been tampered with, before scanning them online or in public spaces.
Claire Webb, Acting Director of Action Fraud, said: 'QR codes are becoming increasingly common in everyday life, whether it's scanning one to pay for parking, or receiving an email asking to verify an online account. However, reporting shows cyber criminals are increasingly using quishing as a way to trick the public out of their personal and financial information.
'We're urging people to stop and check before scanning QR codes, to avoid becoming a victim of quishing. Look out for QR codes that may have been tampered with in open spaces, or emails and texts that might include rogue codes. If you're in doubt, contact the organisation directly.'
Although QR codes used in pubs and restaurants are usually safe to scan, ones in open spaces like train stations or car parks, might pose a greater risk.
Action Fraud suggests checking for signs that codes may have been tampered with, such as a sticker placed over a legitimate QR code.
If you are unsure, it's best to not scan the QR code at all and instead find the official website or app of the organisation you are trying to make the payment to.
If you receive an email with a QR code in it, and you're asked to scan it, you should be cautious due to an increase in these types of 'quishing' attacks.
Another precaution to take is to always use the QR scanner that comes with your phone, rather than using an app downloaded from an app store, because it is more secure.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Independent
19 minutes ago
- The Independent
Police to investigate grooming gangs using AI technology
Artificial intelligence tools will be rolled out to all police forces to tackle grooming gangs. Officers across all 43 forces in England and Wales will gain access to the investigative technology as part of a £426,000 funding boost for the Tackling Organised Exploitation (TOEX) programme. The intelligence and technical experts support forces investigating complex cases such as organised exploitation of modern slavery, county lines and child sex abuse. Some 13 forces currently have access to their apps, which are said to have been used 12,500 times – saving more than £20 million and 16,000 hours for investigators. The expansion, announced by the Home Office, comes after Baroness Casey recommended a national police operation to review cold cases, in her rapid audit on grooming gangs published in June. Operation Beaconport has since been established, led by the National Crime Agency, and will be reviewing more than 1,200 closed cases of child sexual exploitation. Safeguarding minister Jess Phillips said: 'The sexual exploitation of children by grooming gangs is one of the most horrific crimes and we must punish perpetrators, provide justice for victims and survivors, and protect today's children from harm. 'Baroness Casey flagged the need to upgrade police information systems to improve investigations and safeguard children at risk. Today we are investing in these critical tools.' The technology being rolled out can translate large amounts of text in foreign languages from mobile phones seized by police, and analyse a mass of digital data to find patterns and relationships between suspects. NCA director general Graeme Biggar said providing reassurance to victims and their families has been a main focus of the national policing operation since June. He added: 'We must and will ensure their voices are heard and collectively, we will restore confidence that the law enforcement response to child sexual exploitation is without fear or favour, is evidence based and not undermined by fears of inflaming community tensions.' The Home Secretary has also written to police forces to make sure they are collecting ethnicity data as recommended by Baroness Casey. The crossbench peer's report found the lack of data showing the ethnicity and nationality of sex offenders in grooming gangs is 'a major failing over the last decade or more'. The audit found that officials had dodged the issue of ethnicity among the groups of sex offenders for fear of being called racist, but there were enough convictions of Asian men 'to have warranted closer examination'. The Government has launched a national inquiry into the abuse and further details are expected to be announced in the coming weeks.
Daily Mirror
20 minutes ago
- Daily Mirror
Elon Musk's X 'played central role' in stoking racist riots, damning report finds
Amnesty International analysis found X's algorithm prioritises posts that are most likely to contain lies and hatred - and say nothing has changed amid heightened tensions Elon Musk's X played a "central role" in fuelling last year's racist riots as it is designed to amplify dangerous hate posts, a damning study has found. Analysis by Amnesty International suggests the social network's algorithm prioritises comments that are most likely to contain misinformation and hatred. This led to an enormous spread of vile lies following the Southport attacks last July, researchers found - and they warned nothing has changed. Within 24 hours posts wrongly claiming the killer was a Muslim or had come to the UK by small boat had been seen a staggering 27million times, the study says. And the attack was seized on by far-right agitator Tommy Robinson and notorious influencer Andrew Tate, who had previously been banned for hate speech, with their posts reaching millions of people. UK-France small boats returns deal - all you need to know as new details released Hundreds of people were arrested as violence broke out following the murder of three schoolgirls by British-born Axel Rudakubana, who was 17 at the time. The report said X, formerly known as Twitter, "dismantled or weakened" key safeguards after Musk took over in 2022. Sacha Deshmukh, Amnesty International UK's chief executive, said: 'By amplifying hate and misinformation on such a massive scale, X acted like petrol on the fire of racist violence in the aftermath of the Southport tragedy. "The platform's algorithm not only failed to 'break the circuit' and stop the spread of dangerous falsehoods; they are highly likely to have amplified them." The charity's study found X gives top priority to content that drives conversation - regardless of whether this is driven by misinformation or hatred. And it said posts from users who pay a premium are even more visible - further ramping up the risk of "toxic, racist, and false" content. Pat de Brún, Amnesty's head of big tech accountability, said: 'X's algorithm favours what would provoke a response and delivers it at scale. Divisive content that drives replies, irrespective of their accuracy or harm, may be prioritised and surface more quickly in timelines than verified information.' The report states: "In the critical window after the Southport attack, X's engagement-driven system meant that inflammatory posts, even if entirely false, went viral, outpacing efforts to correct the record or de-amplify harmful content - some of which amounted to advocacy of hatred that constitutes incitement to discrimination or violence." It said this "contributed to heightened risks amid a wave of anti-Muslim and anti-migrant violence" which was seen across the UK. And it warns the platform "continues to present a serious human rights risk today". Amnesty's report points to an infamous post by Lucy Connolly, who was jailed for 31 months for stirring up racial hatred. It said X's failure to remove it was "telling" - saying it was seen 310,000 times, despite her account having less than 9,000 followers at the time.
The Sun
20 minutes ago
- The Sun
The Repair Shop viewers demand BBC show is axed after ex-host Jay Blades' rape arrest
THE Repair Shop viewers have demanded the BBC show be axed - after ex-host Jay Blades' rape arrest. The Sun reported Blades, 55, has been charged with two counts of rape. 3 3 3 On Tuesday (August 5), the show returned to its usual 8pm slot, although Blades was not featured. Writing online, fans have called for The Repair Shop to be axed after nearly a decade on air. One penned: "Could never see the point of him being in the Repair Shop he never restored anything but worn a new leather apron the show is better without him now." Another added: "Surely you must take the Repair shop off now if the presenter is accused of physical rape." Police confirmed the allegations against the dad of three from Shropshire. He fronted the hit BBC show for seven years before stepping back last year. King Charles appeared alongside him on a special episode in 2022. West Mercia Police confirmed charges against the dad of three, with a magistrates' court date set for next Wednesday. A spokesperson said: 'Jason Blades, 55, of Claverley in Shropshire, has been charged with two counts of rape. Axed TV host Jay Blades was weeks away from starring on new reality series before domestic violence arrest "He is due to appear at Telford magistrates' court on 13 August 2025.' The TV star is currently awaiting trial on a separate charge of controlling and coercive behaviour against estranged wife Lisa-Marie Zbozen, which he has denied. He was arrested in May 2024 - on the same day fitness instructor Lisa announced her decision to end their 18-month marriage. In September, Blades was charged. His actions allegedly caused Lisa 'to fear, on at least two occasions, that violence will be used against her'. The presenter pleaded not guilty to the charge — which relates to the period between January 1, 2023 and September 12, 2024 — at a court hearing last October.
