Backstage Country

Beware: New QR Code Parking Scam Could Hit Las Vegas Next

A new QR code parking scam has been targeting unsuspecting people who are simply parking their cars. It’s a task that many of us have done before: paying for parking….

A parking meter. This story is about a potential parking QR code scam that is taking over Southern California and possibly Las Vegas soon.
Franz12 via Getty Images

A new QR code parking scam has been targeting unsuspecting people who are simply parking their cars.

It's a task that many of us have done before: paying for parking. Whether you're in Downtown Vegas or at a casino, more places are requiring payment for parking our cars. Well, a few scammers have uncovered a way to swindle people and to steal sensitive information.

How This QR Code Scam Works

The Better Business Bureau has issued warnings against these scams, saying that there may be a QR code placed on a parking meter, parking sign or even parking machine. The QR code may even say "Pay for Parking Here" or other messages about payment.

At first, you may think this is a convenient way to pay for parking. You can pay using your email and credit card number. However, you will not receive a confirmation for payment but your card will be charged. But the scam doesn't end here.

"A few weeks later, however, you noticed another charge on your credit card. However, this fee has nothing to do with parking," the Better Business Bureau states. "It’s a recurring charge from an unrelated company posing as the city’s parking fee service. In other scenarios, you may have even unknowingly signed up for an entertainment streaming service. It turns out the QR code was fake."

An article from USA Today also states that a consumer scanned a QR code and thought he was paying for the ParkMobile Parking App.

However, the article states that scammers ended up stealing the consumer's information, and his information "was thrown to the dark web."

Where Is This Scam Taking Place?

There have been reports across the country, warning consumers about this scam. This scam seems to heavily target Southern California, which means Las Vegas could be next.

In Los Angeles, a local news station reported that a man was trying to pay for parking using the "scam" QR code. Once he paid, his bank immediately called his phone and said there were unauthorized charges.

Along with that incident, ABC 7 in Los Angeles said that officials in Redondo Beach found over 150 fake QR codes slapped onto parking meters. They were strategically placed next to legitimate ParkMobile and PayByPhone labels.

"The fake codes actually sent drivers to a website called "poybyphone" instead of PayByPhone - just one letter off. But that sent users to an entirely different site, asking them to input their location and payment information," ABC 7 reports.

How To Protect Yourself From Fake QR Codes And Parking Scams

There are a few things you can do to protect yourself from falling victim to this scam. It's a general rule of thumb to avoid scanning QR codes unless you're inside a legitimate business like a restaurant, beauty salon, etc.

Try and pay for parking directly on the meter or type in the parking company's URL into Google. Also if you must scan a QR code then be vigilant at the URL. If the URL has a weird spelling or has a short link then this may be a malicious URL in disguise.

Look for signs of tampering and install a QR scanner with protection. There are QR code scanners that will alert you to potential phishing scams or malicious links. Often, scammers will place fake QR codes over legitimate ones.

Always ensure to scan any website before giving your credit card information. Be on the lookout for bad grammar, blurry logos and other issues that do not look like a legitimate business. Remember to always question something if it looks off because you can never be too safe.

10 Most Common Cybercrimes According to the FBI

Cybercrimes continue to grow in number. The FBI's Internet Crime Complaints Center (IC3), founded in 2000, received an astounding number of complaints in 2020: 791,790. The loss associated with these complaints was staggering, coming in excess of $4.1 billion.

To help provide a clear picture of cybercrime and its impact, Twingate looked at data from the FBI’s IC3. The top-10 crime types with the highest monetary losses were selected from the FBI's Internet Crime Complaints Center’s (IC3) Internet Crime Report 2020. The number of total victims was also included for each of the 10 crime types.

An IC3 analyst reviews and categorizes each of these complaints. The top cybercrime reported to the IC3 in 2020 was phishing/vishing/smishing/pharming. There was a significant amount of fraud around the Coronavirus Aid, Relief, and Economic Security Act (CARES Act). The age group with the highest rate of victimization, according to the number of complaints, were those over 60 with 105,301, with a total loss of $966,062,236.

While cybercrime is extremely prevalent, continued awareness surrounding online activities remains critical to protect yourself. Read on to find out more about the top cybercrimes in 2020 and what steps you can take to stay safe.

1. Credit card fraud

Canva

- Total loss in 2020: $129,820,792
- Total victims in 2020: 17,614

According to the FBI, “Credit card fraud is the unauthorized use of a credit or debit card, or similar payment tool (ACH, EFT, recurring charge, etc.), to fraudulently obtain money or property.” Criminals can gain access to credit and debit card information in identity theft schemes or by stealing them from websites that aren’t secure. Anyone can be targeted when it comes to credit card fraud.

A digital payment survey by American Express found 42% of consumers reported having been a victim of credit card fraud with someone attempting to use their credit card or other payment information. Protection comes with vigilance and taking steps like only purchasing from reputable sources and ensuring transactions are secure when sending credit card information via the internet. Other steps to protect yourself include not sharing credit card numbers, reviewing your monthly credit card bill, setting up text alerts on your phone so you receive reports of suspicious credit card activity, and trusting your instincts—if something appears too good to be true, it probably is.

2. Tech support fraud

Rocketclips, Inc. // Shutterstock

- Total loss in 2020: $146,477,709
- Total victims in 2020: 15,421

This type of fraud can occur when a tech support scammer reaches out to offer services to protect or fix your computer. They may try to entice consumers to click on pop-ups that warn of security issues and provide a phone number to call. They may also ask for access to your computer or credit card information.

According to the Internet Crime Report 2020, at least 66% of the victims of this type of fraud were over the age of 60. The best way to protect yourself from this type of scam is to ignore pop-ups and avoid calling any numbers, restarting your computer, or clicking on any links. They could contain malware that allows scammers to access your computer or credit card information.

3. Personal data breach

Canva

- Total loss in 2020: $194,473,055
- Total victims in 2020: 45,330

A personal data breach is a security breach where protected, sensitive, or confidential information is transmitted, processed, stolen, or viewed by an individual or party who is not authorized to do so. Many types of personal information can be compromised in a breach such as credit card information, email addresses, and other sensitive information. Data breaches can happen when a hacker accesses a computer and steals files, through ransomware or malware attacks, phishing scams, or denial of service.

Preventing a personal breach is possible though. Creating complex passwords and changing them frequently, setting up account alerts, using multifactor authentication, and shopping with a credit card are all helpful steps to prevent such breaches and to keep your personal information safe.

4. Real estate fraud

Canva

- Total loss in 2020: $213,196,082
- Total victims in 2020: 13,638

Loan flipping is a predatory practice that happens when a lender convinces a homeowner to repeatedly refinance their mortgage, accruing high fees and points with each refinance. It is just one type of real estate fraud to watch out for. Escrow wire fraud, rental scams, moving scams, and foreclosure relief also qualify as real estate fraud.

Homebuyers and real estate agents should be especially diligent. Keep personal information secure, use licensed lenders and realtors for all transactions, never pay upfront fees for home services, and educate yourself on how to spot a scam. Be aware of anyone pressuring you to make quick decisions, and be wary of improper documentation and requests for wire transfers of large sums of money.

5. Spoofing

Canva

- Total loss in 2020: $216,513,728
- Total victims in 2020: 28,218

Spoofing occurs when a cybercriminal attempts to present themselves as another person, company, or entity, such as a trusted source like a bank, to gain access to personal information or commit other malicious acts. They can do this in a variety of ways from spoofing websites, phone numbers, and email addresses to spoofing Domain Name Servers (DNS), Address Resolution Protocol (ARP), or IP addresses.

To detect website spoofing, make sure the website uses the HTTPS encryption prefix and includes a padlock, and look for errors in spelling or broken links, or suspicious contact information. Email spoofing can also be detected by looking for errors or suspicious-looking attachments or links, which should not be clicked. Protecting yourself from this type of cybercrime means remaining aware, regularly changing passwords, calling and following up before submitting personal information online, and avoiding opening attachments or clicking on links that appear suspicious.

6. Identity theft

REDPIXEL.PL. // Shutterstock

- Total loss in 2020: $219,484,699
- Total victims in 2020: 43,330

Identity thieves steal personal information using various methods, including malware, social engineering, and phishing. Once they have this information, they take over the person’s identity and conduct malicious and fraudulent activities like applying for jobs, and opening credit cards and other accounts, in that person’s name.

During the COVID-19 pandemic, unemployment benefits were a target for identity thieves. There are several types of identity theft including tax, financial, medical, senior, employment, and even child. Protection comes with awareness, and there are several simple steps people can take to stay safe. Monitor your credit, use passwords that are not easy to guess and change them often, use security software on your computer, and use a digital wallet.

7. Non-payment and non-delivery scams

Canva

- Total loss in 2020: $265,011,249
- Total victims in 2020: 108,869

These cyberscams were the second most reported crime, according to the FBI’s IC3. Non-delivery occurs when paid-for items aren’t received. Non-payment occurs when items aren’t paid for even though they have been shipped.

Avoid getting caught in these types of scams by securing tracking numbers when ordering online, only buying from reputable websites that utilize the HTTPS encryption prefix, being cautious when purchasing merchandise from outside your country, using credit cards to pay for things online—and making sure to always check credit card statements. Experts suggest using extra caution online during the holidays.

8. Investment fraud

Jacob Lund // Shutterstock

- Total loss in 2020: $336,469,000
- Total victims in 2020: 8,788

The illegal or purported sale of financial instruments is considered investment fraud, according to the FBI. Ponzi schemes, pyramid schemes, advance fee schemes, and market manipulation are all types of investment fraud. Scammers often target elderly people—particularly older men who take risks—because they tend to have pensions and other retirement plans, according to a research study by AARP. Affinity fraud is another type of investment scam that targets members of specific groups like ethnic or religious communities.

To protect yourself and your investments, do your research and only work with companies and professionals that are legitimate. When dealing with countries outside of the one you live in, be cautious, make sure to understand terms and conditions, and do not be afraid to ask questions.

9. Confidence fraud

GaudiLab // Shutterstock

- Total loss in 2020: $600,249,821
- Total victims in 2020: 23,751

Confidence fraud finds a scammer assuming an online identity to befriend someone or forge a personal connection. The scammer can gain the victim’s trust over months or years before attempting to access their bank account or other personal information, or ask them for money or gifts. One such scam involves an offer of free money. Elderly people are a common target for such scams, according to the FBI, who believe that this may be due to their trusting nature, their potential financial savings, and the fact they often don’t report the crime because they don’t know how to or they are ashamed.

Never give financial information to anyone you haven’t met face-to-face or whom you’ve only met online, and take the time to check out whether the person connecting with you is legitimate. One way to do this is by performing a reverse image search on photos.

10. Compromised email

Canva

- Total loss in 2020: $1,866,642,107
- Total victims in 2020: 19,369

Weak passwords, clicking on malicious links, or downloading a file or app you shouldn't can lead to a compromised email—as can phishing scams or forgetting to log out on a shared computer. A hacked email also increases the risk for other types of fraud like credit card or bank account fraud or identity theft. Once your email is compromised, hackers can take over and log you out of your own email or use your email to send spam or other malicious content to your email contacts or to access accounts.

Criminals target both businesses and individuals in this type of scam, but there are several steps to prevent a compromised email. Make sure to log out of your email account everywhere, especially on public computers. Block phishing and spoofing attempts by typing a website’s URL instead of entering through an email link, use caution at public hotspots, and don’t log into email or other unsecured sites. Additionally, never open email attachments that appear suspicious or that are from people you do not know.