Maybe you’ve been there: You approach a parking meter, wanting nothing more than to pay and be done with your day. But unlike the old-fashioned method of just putting a quarter in the machine, there are a dozen slightly different ways to pay. One of those ways is to scan a QR code that takes you to a website where you can make your payment. But the next time you go through this uncomfortable dance, you might want to take a closer look at that pixelated little graphic.
Police in Southern California are warning residents about QR codes on parking meters that are directing unaware people to websites that have nothing to do with municipal payments. While the official companies that handle payments in the area go by names like ParkMobile and PayByPhone, the QR codes are directing people to fake websites that often only differ by a single letter.
For example, drivers who try to use a fake QR code to make a payment are directed to “poybyphone” rather than being sent to PayByPhone. Scammers have been able to pull off this scam by simply placing stickers on parking terminals that make the QR code look similar in style to the official information.
According to local police, there are at least 150 of these fake QR codes in the city of Redondo Beach, just south of Los Angeles, with particular concentrations in the Esplanade and Riviera Village areas, according to a press release from the Redondo Beach Police Department.
“I put in the URL, and the first five URLs in the Google search were fake,” one man told ABC7 in Los Angeles. “It was a scam. It even has a logo on it. It says ‘Passport Parking.'”
Curiously, despite reports of the same QR code scam occurring in the Orange County city of San Clemente, just south of Redondo Beach, a notice on the city’s website said authorities had failed to detect the scam.
“Recent news reports have revealed possible QR code fraud involving paid parking in San Clemente. This matter has been investigated and no fraudulent QR codes have been found,” the city said. “City officials will continue to exercise caution, but we urge residents to be suspicious of any QR codes that have been damaged or tampered with, or that have a sticker placed over the original code.”
What can you do to protect yourself? Of course, the safest option is to pay with cash if possible. However, always carefully review any URLs you may visit or reach when attempting to pay for parking. Avoid scanning random QR codes if possible. The use of QR codes was not particularly common in everyday life in the United States until the COVID-19 pandemic caused many restaurants to start adopting QR codes in place of physical menus.
But QR codes make it really easy and convenient to find websites. The cost? You have to be really careful to make sure you’re visiting the site you want to visit, that you’re not infected with malware, and that you’re not handing your money over to scammers.