Quishing fraud
Pay for a parking ticket — and suddenly your bank details are in the hands of fraudsters. This is exactly what is currently happening in several German cities, including Cologne and Dortmund. The scam: fake QR codes on parking machines that direct unsuspecting drivers to fraudulent websites.
Are you prepared for cyber threats?
Act now before the worst comes to the worst! DEFENDERBOX is at your side as a reliable security solution and partner to protect your company in this dynamic threat environment. Contact us to make your cybersecurity strategy fit for 2025 and beyond.
Would you like to know how secure your company is? Find out with a test installation! Book now:
How does it work?
This new form of phishing — also known as “Quishing” — uses manipulated QR codes that simulate genuine payment links. Anyone who scans the code ends up on a deceptively genuine but fake payment page where fraudsters steal personal data and bank information. In Dortmund, 90 parking machines have already been stuck with such fake codes — the number of unreported cases could be much higher.
Why is quishing so dangerous?
Deceptively genuine: Fraudulent websites often look like the originals.
Inconspicuous manipulation: QR code stickers are small and are rarely questioned.
Fast data retrieval: Bank details, login data or credit card information can be stolen in a matter of seconds.
Our tip
Use official payment methods — only buy the parking ticket via the official parking app or directly at the machine.
✅ Do not blindly scan QR codes in public places — be particularly careful with payment requests.
✅ Check URL — Is the website suspicious or the URL unusual? Better not continue!
✅ Regular checks — cities and operators should check their vending machines for manipulated QR codes.
Conclusion
QR code fraud is on the rise — not only at parking machines, but also at e‑charging stations, public notices and via email. If you want to be safe on the road, you should always make payments via official apps or direct entries.
EN 
DE