There is a hint of technology in the stratagem recently seen in Milan: there are many for an alleged parking ban, which in reality is a sophisticated one fraud who uses the codice QR to steal money and data. These fake reports look like fines in every way, complete with the logo of the Municipality of the Milanese capital. And they exploit the smartphone camera to target users.
The fake fines scam in Milan, a QR code to steal money and data
These reports placed on the windscreens of parked cars appear to be issued according to the provisions of the “second paragraph 8 of article 157 of the Highway Code”, but in reality they hide a dangerous deception. Scanning the QR code takes you to a website registered in Ukraine. Site that then collects money from unwitting victims. Not only that: what is most worrying is the intent of acquire personal data and credit card numbers of the unfortunate. So that users don’t just lose the fine money, but a lot more.
The scam attracted the attention of the authorities, coming to the attention of the local police of Milan, who immediately denied the authenticity of these communications, as reported by Milano Today. “We have received reports regarding notices of alleged infringements left on parked vehicles,” they said from the headquarters in Piazza Beccaria, inviting citizens not to believe such fraudulent messages. “For some time in Milan, the local police no longer uses paper infringement notices on vehicles (Adi), since the system is completely electronic, precisely to avoid situations of this type,” he specified Marco Granelli to the Milanese newspaper.
How the QR Code fake fines scam works
The deception takes shape with a note placed under the windshield wiper of the car. Whoever collects it must scan a codice QR present on the ticket, which refers to a fake site with the State Police logo. Entering a license plate number, even a random one, starts the loading of a new page which invites the recipient to regularize the alleged infringement by paying a sum of 12,50 euro.
This amount can be paid using credit cards Visa, Mastercard o Paypal. However, the portal also requires an email and phone number, sensitive data that could be used for other fraudulent purposes.
A deeper analysis of the site reveals that it was made using simple code HTML, with a server and database structure. The apparent purpose of this fraud is to accumulate credit card numbers, personal data and telephone numbers. The site is hosted on a server in Ukraine and, as reported by Milano Today, was created just a few days ago, the November 17. In the “Registrant Name” field there is the wording “Privacy Protection”. Which would not happen if it were a state site.
How to check the authenticity of fines
As the police explain, fines in Milan are notified directly to the person who owns the vehicle, not with a piece of paper under the windshield. But if you want to be sure, in any city, that the fine you receive is real, there is a solution. In fact, the Milanese Commander advised residents to register in the “Citizen’s File” to promptly receive notifications of violations via digital devices, just enter your license plate number.
Before paying the fines, therefore, check that they actually arrive from the authorities. Not so much for the 12.50 euros lost, but for the credit card details which could cost you a lot, but much more.