1 week Ago
Fraudsters have begun using QR codes to steal money and personal information, with organised gangs often behind the fast-spreading crime . Katherine Hart, lead officer at the Chartered Trading Standards Institute, says the offence, known as ‘quishing’, is significantly underreported and presents a “huge challenge” to authorities globally. Quishing scams usually see misleading QR codes created by criminals placed where contactless payments are common, such as on parking meters or restaurant menus.
They have also been spotted on packages, in emails and on television. The malicious codes redirect users to fraudulent websites or applications and can be used to extract personal data, such as bank details. Since 2019, ActionFraud data shows 46 incidents of quishing scams in Lancashire, with 27 of these occurring in 2024.
This is more than double the figure from 2023, 11, and five times that of 2022, 5. BBC analysis of ActionFraud data shows that these figures match the national picture, where nearly 3,000 reports linked to QR codes were reported to the national fraud reporting centre between 2019 and 2024. Last year, 1,386 reports were logged - more than double the 653 in 2023 and significantly higher than the 100 reported in 2019.
However, Ms Hart says that the true scale of the problem may be far higher as many do not report being targeted, as victims only lose a small amount of money initially. She said: “You might lose £2.99, and a lot of people won’t report that and don’t realise they’ve passed on their information to a criminal organisation.
“Invariably, days or weeks later, they’ll get a call telling them they’ve been the victim of a fraud, and they can pinpoint a day because they already have all of this information you’ve shared with them earlier. “They convince you using very coercive tactics that they’re from your bank, police or Trading Standards, and they want access to your bank account to take everything you’ve got.” Experts, including ActionFraud and the National Cyber Security Centre, have said that it is vital that everyone stays vigilant against these criminals.
READ MORE: East Lancs man was part of bitcoin fraud which saw £28m in assets seized READ MORE: Fraud gang scammed victims out of more than £1m from fake Blackburn call centre Wayne Stevens, National Fraud Lead at Victim Support, said: “In the last five years, there has been a huge increase in the number of businesses and organisations using QR codes to share information with the public. “Unfortunately, this has also given criminals the opportunity to target people using more and more sophisticated schemes. “When scanning a QR code, it is important that people ensure the code does not appear altered or distorted in any way, and the destination URL is as expected.
“There is a lot of embarrassment, shame and stigma associated with cyber fraud, but it is vital that victims do not blame themselves. If you have been impacted, contact Victim Support for free, confidential support.” Lancashire Constabulary have described quishing scams as similar to phishing, where criminals try to send you to a fake website.
There are concerns that this may be expanded to other areas that QR codes are not found or monitored such as external seating in pubs and restaurants, parking meters, phishing emails, online surveys and social media. A Lancashire Police spokesperson said: "To spot quishing scams, look for QR codes in an accessible place that is easy to replace or unsolicited mail. "Look out for sites that ask for financial or personal information when it is not suitable and use a trusted password manager that will flag them to you.
".
