Parking ticket fraud on rise in France – how to avoid being scammed

Drivers in France are warned to remain vigilant against parking tickets which incorporate a fake QR code with fraudsters increasingly using them to scam victims. The fraud is now known as ‘QR quishing’.

The fake QR codes are often on a notice designed to look like a parking fine which is slipped under a car's windscreen wiper. The QR code through which the driver is directed to pay their supposed fine is printed at the bottom of the notice.

When drivers scan the codes to pay they are taken to a fraudulent website instead of a genuine payment page. Scammers then steal their payment details and sometimes take much higher sums than the stated fine.

Spreading in France

This form of fake fine is becoming increasingly common in the US and UK with scammers found to be creating very convincing fake parking tickets. The fake QR codes take victims to websites that are intentionally designed to appear like the genuine sites.

Now authorities are warning that this ‘quishing’ crime, similar to ‘phishing’ (sending fake emails) - is becoming more prevalent in Europe, including in France, particularly in towns that have introduced QR codes to pay for parking tickets and fines, reports specialist driving website AutoPlus.

Read also: Beware new scams involving QR codes in France

QR code fraud is also increasingly common elsewhere in car parks. Fake QR codes in the form of stickers are discreetly placed directly over the top of genuine codes, taking the driver to a fake payment page through which the scammers steal their details.

In addition the driver believes they have paid for parking but, as they have not, it could lead to a further fine from the genuine parking company.

Read also: Warning over scam QR codes on parking meters in south of France 

How to avoid getting scammed

Staying alert and following these tips can help:

1. Stick to official apps. Only use apps that you have downloaded directly from a trusted source, such as from the local authority. When you scan a QR code, check it corresponds to this trusted app.

2. Check URLs. Before interacting with a site after scanning a QR code, check the address carefully. Fraudsters often add minor variations, such as replaced letters or unusual extensions, eg. Instead of “.fr”, the ending might be “.com-fr” or similar. There may also be extra dashes, needless words, or unexpected punctuation. The website may also have minor issues, such as stretched images, poorly worded phrases, or odd formatting

3. Use reliable QR code scanners. Some tools can analyse QR codes without opening them directly, revealing the links they contain before any interaction.

4. Activate a mobile antivirus. Install an anti-phishing feature on your phone, which can help to detect malicious sites and block access to them, even when they are opened via QR codes. The authorities also have a role to play.

5. Navigate manually to the listed website. Instead of using a QR code to go directly to the website, type in the URL manually yourself. This will get around the issue of fake QR codes that are stuck to genuine payment signs.

6. If in doubt double check. If you have any doubt that a fine or QR is genuine, double check with the relevant authority - by navigating to their website manually, or calling them separately - before paying.