QR Code Scam
An enterprising individual made fake parking tickets with a QR code for easy payment.
An enterprising individual made fake parking tickets with a QR code for easy payment.
Peterpotamux • December 28, 2022 1:43 PM
I know this happened in a couple of towns in Spain some months ago. Bad guys created sticks they placed in parking totems. The QR codes directed to a fake municipality site to buy parking minutes. Bad guys recovered small payments but most important card details.
Most of people is used to QR codes (widely used during COVID crisis) and has a natural tendency to scan any code they see (for some people is as unavoidable as not not pushing that button under the “do not push this button” sentence).
QR code scanners shall double-check reputation of the URLs in a DB before accessing?
JMM • December 28, 2022 1:55 PM
As Peterpotamux commented, here’s a new article (in Spanish) that describes the same scam in Spain a few weeks ago: https://motor.elpais.com/actualidad/multas-de-trafico-falsas-una-campana-de-fraude-hecha-con-fotocopias/
Brenden Walker • December 28, 2022 2:16 PM
I don’t even have a QR code scanner on anything. Never understood the need. If the QR code doesn’t also have the website URL in text, I’m not going there.
People are way too quick to give up security for convenience IMO.
Michael • December 28, 2022 3:11 PM
So if the perpretrator had instead written an account number to which to pay, would this have been a “digits” scam instead?
Seriously. How is the fact that it was done via a QR code the defining characteristic of the scam?
Dan Hugo • December 28, 2022 4:03 PM
The comment from Brendan is interesting, as many people I encounter are suspicious of and thus avoid using QR codes entirely, though inclusion of the URL text doesn’t really help. We have QR-enabled parking spots to enable paying the parking fees (here in Vegas, those are like water, except available in larger quantities), where the code is printed on a sign at or near a particular parking space.
To me, this seems like a client software issue with a user education component. Rather than enabling direct click-through when a URL QR Code is scanned (in your modern mobile camera app on your mobile device, for example), perhaps an intermediate local landing with the full URL displayed and the possibility of online checks (Peterpotamax)and the possibility of follow-up for problematic codes (a crowd-sourced knowledge base, for criminal as well as regular old problematic QR codes).
Clive Robinson • December 28, 2022 4:31 PM
I’M assuming this is the same story,
But without the yahoo scamers behind it.
I’ve looked at several stories and they all appear to be the same.
Interestingly the Police say the 19year old admited putting the fake notices on the cars, BUT claims not to have received any money.
Hence his being charged with,
1, Unlawful use of a computer system.
2, Attempted fraud.
The only picture I found of the fake tickets did not have a QR code visable on them, yet the real ticket shown does…
Something tells me there is a little more behind this story than we are being told.
Antwan • December 28, 2022 4:44 PM
Seriously. How is the fact that it was done via a QR code the defining characteristic of the scam?
If the ticket listed a “wrong” phone number, we might be calling it a “phone number scam”. If it had a “shortened” URL, we might call it a URL shortener scam. People trust things they shouldn’t, and the details of this social engineering are interesting to Bruce’s readers. Part of the problem is that the people designing these systems don’t think about trustworthiness, leaving little way to distinguish fake fom real. We’d likely be screwed if the scammers got paper with holograms, or paid for an actual metre(s)-wide “city parking” steel sign and mounted it while wearing reflective vests (à la Richard Ankrom).
I once spent 30 minutes on the phone with my bank after encountering a “verified by Visa” prompt asking for my date of birth, to determine whether it was real. It was an SSL-protected iframe with a domain and cert referencing some company I’d never heard of. “Does it have the Visa logo?” was suggested by the first bank employee as a way of determining legitimacy; I asked to speak to someone else, of course, and eventually got a series of SSL-protected links from the bank’s site to that site (run by an apparently legitimate contractor). I got the impression it was uncommon for anyone to ask about it.
lurket • December 28, 2022 5:47 PM
I’m with @Clive on this one: the various versions of this I’ve found show a “fake” ticket that has no QR code. AFAICT it doesn’t seem to be folded to conceal the code. Hmmm …
As for using a phone or bank acct number, it might still fool most of the public. Readers of this blog might notice something odd/different in a phone nr. that’s frequently used, but how many could tell at a glance that a QR code was not the same as last week?
My behaviour is not typical, but for non-human-readable data, curiosity overcomes convenience. I have a bar/QR code reader which just reads, no network connection (I trust), and just shows the url/phone/serial/part Nr. on screen, from where it can be copied and pasted into a browser/dialler/whatever.
Clive Robinson • December 28, 2022 6:21 PM
If you search on the 19 year olds details given in various articles, you end up being told that he is “hispanic” and officially what he’s been (or was being) held on is,
1, 532(A) – Obtaining Food Or Property By False Pretenses.
2, 502C1A – Deleting/Altering Data to Commit Fraud.
The first looks like “anti-street person” legislation designed to just grab people.
The second well,
Has he deleted any data?
Not that anyone has given evidence of as far as I’ve seen.
As for “altering data” likewise I don’t actually see any evidence given for that either.
As far as I can see so far, he’s only used his own computer equipment. And I’m guessing what’s on the resulting print out is actually factual (if you think about it, it would not work as a scam if it was not factual).
I guess the devil is in the details of the actual legal code. But as far as I can see from the photos he’s only given “factually correct” information and has not asked for money or consideration, he’s simply “notified”.
If there is actually a QR code?
Has anyone seen / followed it?
If yes what have they seen?
But if you think about it, what the man has supposadly said is odd…
So what is the odds that if this gets to court it is going to get portrayed as “conceptual art” or some such or even “doing a civic duty the authorities are failing to do”?
We probably won’t find out as it will not be news if and when it gets to court.
lurker • December 29, 2022 1:00 PM
@Clive Robinson, re not news
The mod-bot objected to my suggestion this story was only c11ck b a it
Ted • December 29, 2022 2:18 PM
Remind me to question parking tickets where the font of a heading is a relaxed cartoon typeface.
The colorful cartoon palm trees on each side of “Santa Cruz Parking Pay” were an equally fine touch.
As others have observed, it is interesting that the real tickets also include a QR code to pay online.
I once received a ticket when my meter was paid up. I called the city to inform them. Last I recall, they sent me a letter saying they put a hold on the ticket and were looking into it. I never heard back from them. But I kept all the records and plan to hold onto the pictures I took too.
Clive Robinson • December 29, 2022 2:44 PM
@ lurker, ALL,
“The mod-bot objected…”
Yes it can be very objectional…
In some was reminds me of a boss I once had, where you had to tip-toe about because of the nuclear egg shells…
Speaking of eggs, it’s been four months now since I purchased any. Now it’s normal that when I get to the shop there are none or the few there are, are priced beyond three times what they were…
lurker • December 29, 2022 6:01 PM
@Clive Robinson, re eggs
It’s the law, guv.
JonKnowsNothing • December 29, 2022 6:54 PM
@lurker, @Clive, All
re: Shortage of egg in the shell
iirc(badly) @Clive is in the UK. The egg shortage in the UK is not due to a change in farming methods. It is caused by a enormous outbreak of Avian Influenza H5N1, which is lethal to birds of all types.
In the UK and other countries, the have been millions of birds culled in 2022 due to outbreaks. It is highly contagious and is often carried by wild birds which infect other birds in passing.
Once an outbreak is determined local veterinary regulations dictate how many birds will be culled and what radius the cull will be. Sometimes farms within a few miles or tens of miles will have to cull their birds.
Culled birds do not enter the food stream. They go right into incinerators or deep ditch burials (1)
So Factor 1: huge outbreak of H5N1 in birds, culling most of the turkey for this holiday as well as chickens and ducks.
Another factor is the cost of feeding the birds. BREXIT didn’t help any farmers in the UK and the cost of feeding the birds with the proper diets skyrocketed. Many farmers have dropped out of raising animals or crops due to the costs involved: feed, fuel, fertilizer.
So Factor 2: Supply chain shortages and cost increases
The one that is likely causing even more difficulties is a legal definition of different types of eggs. A large number of egg farms in UK produce Free Range Eggs. This legal definition requires the birds to be outside a specific number of days per month per year. With the H5N1 outbreaks, all the Free Range producers (eggs and meat) have had to bring their birds inside enormous barns for safety. The problem is, legally, being inside they are no longer Free Range. So the farmers cannot sell their eggs or meat through their normal supply chain. The UK is considering an adjustment to the legal definition but until then those eggs are not coming to the local markets.
So Factor 3: Legal restrictions on sale and regulatory labeling.
H5N1 will preclude outdoor raising of birds for a long time. The virus remains active in the soil and is easily transferred by people taking a walkabout a park to feed the ducks, geese and swans there and then taking another path to a different pond of ducks, geese, swans.
If you want to have a consistent source of eggs, you need to own a hen. Unfortunately, many residential laws and city ordinances classify a hen as livestock. You can own a budgerigar or parrot but not a hen.
Chickens are quite interesting: your own pet velociraptor and superior varmint killer. (2)
1) When the COVID infected mink were culled, they didn’t dig the ditches deep enough. There was a fully unpleasant effect of mass burial of millions of mink. They have since dug up all the decomposing mink, and reburied them in a not publicly known location on a military base.
2) New York City, USA has a position to be chief rat exterminator. They would do just as well having a flock of chickens around town, along with some energetic terriers.
modem phonemes • December 29, 2022 7:55 PM
rat exterminators … energetic terriers
Note that the citizens of NYC do indeed run their own rat extermination patrols using doggies.
Peter • December 30, 2022 8:07 AM
A not so god attempt at doing this was made in Sweden this summer. QR-code led to a phishing site.
Bryan • December 30, 2022 3:46 PM
@JonKnowsNothing: It is quite ridiculous that any municipality would ever ban hens. But as I listen to the roosters out in the yard, that one I can understand.
Clive Robinson • December 30, 2022 4:37 PM
@ Bryan, JonKnowsNothing,
Re : Chicken bans.
“It is quite ridiculous that any municipality would ever ban hens.”
Actually they do for several good reasons,
The first is disease, parasites, vermin. Chickens are basically magnets for these, with sveral diseases and parasites you would not wish on your enemies. With the added bonus of rats, foxes, and other wild criters that carry rabies and other diseases you realy would not want to get or die from. One of which eats into your brain slowely destroying what was once you.
Then there is the effluent and waste they generate, that is yet another breeding ground for nasties. It attracts the sorts of flys you do not want around as they form part,of the breading breeding cycle of other nasties. Also their droppings are not at all good for the soil etc as it “burns” chemically till it’s been weathered for a year or two with compost or similar.
Oh and the “rooster” issue you mention… Hens don’t lay without a rooster, so you have to have them around and that sun up call is a necessary part of that.
There’s a few other issues with keeping chickens especially “freerange. The reality is in the past laying birds have been kept like the “garden pig”. In short they are mobile dustbins there to eat up scraps and waste from the kitchen. Worse back in time the were also their to pick over the “night soil” as this tended to increase their egg production. So they also “close the ring” on some human intestinal parasites as well….
So yeh there are plenty of people forming a line to ban chickens in urban gardens.
JonKnowsNothing • December 30, 2022 4:44 PM
re: hens v roosters
Hens are female. Roosters are male.
Roosters do make a good amount of noise.
Hens make very little noise by comparison. Not much more than a couple of budgerigars (aka parakeets in USA) making joyful noise. Budgies like to contribute to the conversation when when you talk on the phone. Hens are more discreet.
Hens produce eggs. Hens do not need roosters to produce eggs. The eggs produced without a rooster do not hatch.
Roosters with hens produce fertile eggs, which in time may hatch into baby chicks and grow into adult birds.
The confusion often revolves around the lack of need for a rooster to get eggs. It’s rather basic biology. Prolly overlooked in a lot of school curriculum because of the sensitive aspect of No Male Needed and lack of Female Biology oriented studies.
Fertilized eggs are sold in markets and will be labeled as such. They won’t produce viable chicks because the egg has been chilled. There are some folks that consider fertilized eggs more “nutritious” because of the birds have some semblance of normal behavior. However, in modern agri-biz farming, “normal” may not be what you think it is.
Having your own hen or two, in an apartment isnt much different than having a budgie or canary as far as upkeep. You do need enough space for the bird. The right feed, which can be procured at a Feed Store or Outdoor Hardware type store. They require some special feed for their digestive system. They also require veterinary care or DIY care to make sure the birds do get have mites or other bugs.
Having a rooster in an apartment, would prolly need some serious sound proofing to help your neighbors. A bonus is you wouldn’t have to use that fake rooster crow on your smartphone alarm to wake you up.
Also, the birds sleep at night, so you need quiet place for them to sleep, since they go to bed when the sun goes down.
You need a nesting box setup, which the feed store can provide. Normally the eggs will be in the nesting box. However, if the birds do not like what you provide or the location, they will find another spot to lay their eggs. Depending on how much room you let them roam around in, you might have to look under the potted plant leaves.
Longevity varies. Commercial hens do not live very long. It’s part of the industrial agri-biz, that exploits the birds biology. If the sun never goes down, the birds never sleep. Pet hens live much longer.
JonKnowsNothing • December 30, 2022 5:21 PM
@Clive, @Bryan, ALL
re: Pet, Semi-Feral, Feral, Farmed Chickens
From @Clive’s description, he is referring to feral or semi-feral birds, that have no keeper or owner. This happens. In some places the feral birds are allowed to roam and in other places the birds are killed off. It really depends on the community.
However, if we restrict the discussion to Responsible Ownership, much of those objections go away.
Like all animals the owners needs to be familiar with the needs of the animal they take under their care.
A home hen is not a major egg production business. A hen will provide 2-4 eggs a week, mostly in spring time. They produce no eggs when it gets cold. It’s up to the owner to be mindful about the needs and the proper care for the animal. To be a good custodian and neighbor.
Clive Robinson • December 30, 2022 11:58 PM
@ JonKnowsNothing, Bryan, ALL,
“From @Clive’s description, he is referring to feral or semi-feral birds”
Err no, I was refering to why authorities ban chickens in any given zoning.
It’s their view based on what they hqve been told by the National Equivalent of the US EPA where you live.
The business with roosters and laying hens is complicated, but put simply many claim the number of eggs laid in a given time frame is causally related. That is it is lower without a rooster crowing than with one, not if the rooster mates with a hen or not.
The number of eggs you get from a laying bird their size and quality changes significantly.
You can, expect laying to start after around 10weeks, these eggs will be outsized and may well be double yokers, but they are unlikely to produce chicks. In the first year of laying you can get upto 300eggs/bird. In the second year the eggs are smaller and you’ll get maybe 180 eggs. Such birds are not considered “cosmetically viable” or “not worth the feed” you can by these hens at livestock markets for eating or pets, make sure you make clear what you want it for, othereise they might wring the birds neck as a service…
The actual life expextance of birds varies widely depending on breed and how you feed them more than it does how you treat them.
Chickens are omnivores and like bugs in their diet. If you are owning them as pet/layers just remember the “normal scraps feed” will not give you anywhere near the number of eggs you might expect.
The shell of an egg needs one heck of a lot of calcium in a bio-available form. In times past egg shells were kept, cooked, and ground to be added back into their “laying formular”.
After WWII Great Britain had a very real food problem and the country was starving (something not much talked about these days). Thus “real scientists” were employed at places like “Chorley Wood” to make animals not just more productive, but more efficient. One of the many things they found is that chickens like rabbits have a dietary system too short to get the nutrition from there food…
In nature the birds solve this problem themselves just as rabbits do by eating their own droppings. In rabbits it’s easy to see as you get “soft pellets” on the first pass and “hard pellets” on the second pass where most nutrition is extracted.
Willingh chickens it’s harder to tell so just feeding the whole lot back as a percentage of the “grain feed” significantly upps not just egg production but slaughter carcus weight.
The down side of this is the likes of Omega 3 fats are tiny compared to “free range birds” that are “grass fed”. Modern Supermarket chickrns have maybe 1/25th of the Omega 3 that home free frange birds do. Also the flesh is of way higher quality as are the joints. So using the stripped carcus (bones, skin, cartilage) will give you a way way better chicken stock for soups and stews etc. Often the meat you get in “ready meals” has already been cooked in a way to extract to stock as the product is worth a considerable income compared to the usuall steam stripped carcus meat used in less expensive pies and similar. Therefore in curries and similar the chicken meat is often little more than “filler” and not even what it looks like of “breast meat”.
Oh if you want to know which meat of the chicken tastes the best and most often gets “thrown out at home” when someone roasts a bird, it’s the “olives” from next to the birds pelvis. Which as roasting birds are not just cooked but served upside down –spine to the dish– the olives just do not get eaten, they just go in the bin…
It’s one of the reasons I teach people to “spatchcock” / “dead frog” the whole chicken. Because not only does it make the olives available on serving, the whole bird can be cooked in half the normal time. In fact if you have a large skillet or frying pan you can not just cooke the bird, but the potatoes, carrots, and parsnips, you can also cook the onions/chalots etc for making the gravy all in the single pan. You can with just a little organisation from start of prep have a full roast dinner on the table in a little under an hour. With the bird succulent and flavourfull and not requiring “stuffing” though making that in the same pan can be done if it’s not a large bird, as can making “pigs in blankets”. Cooking peas is the only thing that requires the use of an extra pan or glass bowl (microwave).
What comes out of that pan using a small freerange grassfed bird is actually enough for 4-6 people using traditional portion sizing (not the modern sizing which has to be nearly twice the size due to the low density of nutrients in “farmed” birds).
JonKnowsNothing • December 31, 2022 3:19 AM
@ Clive, Bryan, ALL
re: zoning laws
Indeed zoning laws are a minefield of contradictions. Like many rules they often make little sense in practical terms and on many levels the people making the rules can’t tell a rooster from a hen. The laws are just sound bites for media play.
Chickens come in many breeds, raised and selectively bred by humans for a long time. Originally called Jungle Fowl. Like pigeons, rabbits, and other animals, that humans have turned their attention to, we have bred chickens to fill a variety of niches.
It isn’t grandma’s hen house anymore. (1)
Chickens are omnivores and eat meat when they can get it. Chickens that are stressed will peck at another bird until they kill it. If their diet is not correct, they will pull out their feathers and eat them. They will crack their own eggs just to eat the shells. (2) Birds that are mistreated show mental problems that cannot be repaired. (3)
In California, we have city, country, state and various ordinances that govern where and how anything happens. On a boundary line between city and county, one side of the street can have chickens and the other side of the street cannot. One side can have sheep, cows, horses and the other side cannot. It all depends on which side of the street you live on.
No one should own any animal unless they fully understand the needs of that animal. In theory that makes for good health of the animal and successful interaction with the owner.
Unfortunately, for animals, humans claim 100% life and death control over their lives. Animals get no say in the matter. Humans believe that They Can Own Anything That Money Will Buy . They are correct.
Money will buy animals; both their lives and deaths. That’s what you do when you buy chickens in the market. Buy eggs for your omelette, buy the $5 Rotisserie Bird “Loss Leader” from the Big Box Store. When you buy bacon, or ham, steaks, fish. You are buying the life and death of that animal.
It’s not so easy, after all.
1) In times of yore, chickens, their eggs and the money from selling them were given to the woman for her “spending money”. Often she traded the eggs and extra poultry for threads and yardage to make clothes for the family.
2) Modern animal diets are derived from “Feed and Feeding” studies. Large Agri-Biz spends a lot of funds on researching diets for everything from Apes to Zebras. Dogs, cats, fish are common pet foods found in super markets. These studies may include special chambers with temperature, humidity, atmospheric pressure are controlled. The amount of oxygen exchange is monitored. The amount of feed (weighted) and weight gain is measured precisely. All waste is collected and analyzed for nutrient uptake. It’s how we know about cow farts. Different diets are determined depending on the animal and the animal’s activity.
3) Humans sometimes buy long lived birds like parrots. Because humans are not parrots, we do not naturally provide a good environment for them. There are sanctuaries for parrots that have been driven “insane” by their human owners.
Clive Robinson • December 31, 2022 9:59 AM
@ JonKnowsNothing, Bryan, ALL,
Re : The calculs of death.
“There are sanctuaries for parrots that have been driven “insane” by their human owners.”
And for many other “long lived pets” or “work animals”.
I used to keep “fancy furries and feathereds” such as rodents, ferrets, rabbits, fowls and similar. Some such as the rodents were just “pets”, some such as the “ferrets” were pets/working and some such as the rabbits pets/food.
As I looked more into the creatures needs, I realised that realistically there was no way to give them even a close approximation to a real existance in “tooth, nail and claw” and environment.
I thought I was a good and contentious “owner” but I now know you can not realy be. The best both the human and animal can hope for is an “open symbiotic” arrangement, and that can be very hard to achieve.
One of the things that realy realy creeps me out is neutering of pets, it’s almost always put over as “how much easier the pets life will be…”.
But one thing few realise is why we get young children short lived pets… It’s so they will form emotional bonds with the creature, that then dies, obviously causing considerable mental stress for the child. The reason for this is the “What does not kill us makes us stronger” nonsense argument. We think we are giving the child important life experience lessons… But in reality we are actually torturing them as well as the pet.
modem phonemes • December 31, 2022 1:56 PM
@ Clive Robinson @ JonKnowsNothing et al.
best both the human and animal can hope for is an “open symbiotic” arrangement
One enthusiast who lived in the country provided a congenial shelter for parrots and also let the birds be free. He taught them to come when called.
I imagine this is possible with many animals. But many animals, treated properly, enjoy closer companionship and even strive to exceed what they will do in nature as a result of this.
Abe • December 31, 2022 11:47 PM
Is Clive an AI chatbot, parroting mostly false statements like that “hens don’t lay without a rooster” which can be clearly debunked by anyone who has actually raised chickens?
Clive Robinson • January 1, 2023 8:12 AM
Are you just dense or malicious?
Go back and read the whole of what I said, and the context it was given in.
Which was why hens got needlessly banned by certain civic organisations.
Old time farmers used to argue that the “hens would not lay” as well without roosters being around.
Thus just one of many reasons the hens got banned was to stop the noise nuisance of the roosters. Because if hens were not kept, there would be no reason to keep roosters (or that was the thinking of the mindset that made the rules).
What, I personally think having kept hens in the past with and without roosters, is “I need to keep reseting my alarm clock” without one. Chickens follow the sun not the clock so you need to follow the sun if you want the best out of your birds.
JonKnowsNothing • January 1, 2023 11:05 AM
@Clive, @ Abe, All
re: Rooster Naughtiness
Roosters by and large are loud and as @Clive indicated they have their own internal clocks and crow accordingly.
There are some weird laws regarding roosters and some hilarious urban dwellers finding The Country Life is not just *$$.
Maurice The Rooster in France became a cause célèbre, when some newb urban dwellers moved to the countryside and objected to Maurice’s morning time alarms. Maurice won his right to crow.
In a similar case the judge ruled for the rooster:
“The chicken is a harmless animal, so stupid that nobody has succeeded in training it, not even the Chinese circus…”
Maybe Maurice had some assistance
The Gallic rooster (French: le coq gaulois) is a national symbol of France as a nation, as opposed to Marianne representing France as a state and its values: the Republic.
Laws vary all over the USA on the keeping or restrictions of having roosters.
An interesting variation in California, in at least one County, revolves around the keeping of Fighting Birds, which are specially bred roosters used in Coq-Fighting. The fighting part is illegal, raising the birds is not. (1)
Fighting Roosters are kept with a leg chain staked to the ground and a small dog-house for shelter. They can wander as far as the chain will go, and perch on top of the dog house. There are rows and rows of these chains & dog houses, each with a Fighting Rooster shackled to it. One breeder put up an “expensive” fence to block the view of the size of the business.
Then there is the problem of unwanted male chicks. It’s a nasty cull. We don’t eat capon much in the West, so the male chicks are disposed off. There are some breeds of chickens that are born with visible sex markers (color). It’s easier to pick out the roosters.
Without roosters, we could not have so many sayings about their crowing.
Different cultures describe animal sounds using different mimicry. There are words for the animal like rooster; there are words like crow for the sound it makes; there is imitation of the sound or call; then there is the description of the call, which prolly wouldn’t make it past the mod-filter. For dogs this description in USA is Bow-Wow or Woof Woof.
htt ps://www.theguardian.c om/world/2019/sep/05/french-court-rules-maurice-noisy-cockerel-keep-crowing
1) Similar dichotomy exists in all forms of animal baiting. In many parts of the world these “games” are illegal but the animals used for them continue to be bred explicitly for that use. In the case of dogs, many offspring end up in the public domain as “pets” via recovery and reclamation agencies. Unfortunately, even the best intentioned are not always able to deal with the genetics and behavioral issues. Things go well, until they do not.
htt ps://en.wikipedia.or g/wiki/Capon
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Leave a comment