Latest news with #ChrisAinsley
Yahoo
7 days ago
- Yahoo
‘Pay here': the QR code ‘quishing' scam targeting drivers
You park the car and look for somewhere to pay. A large QR code on the machine offers to take you directly to the right website where you put in your card details before going on with your day. Only much later are you hit with the double whammy: money gone from your account, and a fine for not paying the genuine parking company. The rise in app- and phone-based parking payment has opened a new frontier for fraudsters: quishing – so called because they are phishing attacks that start with a QR code. The fraudsters stick the codes in places where you would expect to see details of how to pay to park. When you scan one, it takes you to a site where you are asked for your payment details – as you would expect when booking parking. One victim who scanned a code in a station car park told the BBC that the fraudsters tried to take payments then posed as her bank to get more information from her, before running up £13,000 worth of debt in her name. Last year, the UK's Action Fraud received 1,386 reports of scams involving QR codes – a small number, but more than double that in the previous year. In just the first three months of 2025 there were 502, suggesting the problem is growing. Chris Ainsley, the head of fraud risk management at Santander UK, says it is hard to get a full picture of the scale of the fraud. 'Unless drivers receive a parking ticket, a lot of people are unaware that their personal or card details were compromised in this way,' he says. 'When it comes to reporting the eventual scam, often the fact that it originated through quishing goes undocumented.' A QR code where you might expect to see one – on a parking charge machine, on a post in a car park or sometimes on a public EV charger. The code will be on a sticker. The website will ask for your payment details. It will also ask for your car details, but that is likely to be just an attempt to convince you it is a legitimate parking website. You may later get a call from someone pretending to be from your bank who will use the information you have given and tell you that you have been defrauded and need to move your money to a safe account. The safe account is actually in the control of the scammers. Do not do as they ask – your real bank would never request this. Be suspicious of any QR code on a parking payment machine or signpost in a car park. Check that it has not been stuck over a legitimate code. If you have the right parking app already on your phone, use that rather than scanning a code. Use cash or a card to pay at a machine if those are an option. Check the URL of the website before you click on it – it should appear on your phone as you scan the code. Do not click on it if it looks suspicious. When you land on a page through a QR code, check details to make sure it is not a fraudulent version. Giveaways include weird URLs and bad spelling. Check that the URL includes HTTPS, rather than HTTP, before handing over details. Keep an eye on your bank account and report any suspicious payments to your bank. Report the scam to the local council, police and car park owner if it is a private company. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
The Guardian
7 days ago
- The Guardian
‘Pay here': the QR code ‘quishing' scam targeting drivers
You park the car and look for somewhere to pay. A large QR code on the machine offers to take you directly to the right website where you put in your card details before going on with your day. Only much later are you hit with the double whammy: money gone from your account, and a fine for not paying the genuine parking company. The rise in app- and phone-based parking payment has opened a new frontier for fraudsters: quishing – so called because they are phishing attacks that start with a QR code. The fraudsters stick the codes in places where you would expect to see details of how to pay to park. When you scan one, it takes you to a site where you are asked for your payment details – as you would expect when booking parking. One victim who scanned a code in a station car park told the BBC that the fraudsters tried to take payments then posed as her bank to get more information from her, before running up £13,000 worth of debt in her name. Last year, the UK's Action Fraud received 1,386 reports of scams involving QR codes – a small number, but more than double that in the previous year. In just the first three months of 2025 there were 502, suggesting the problem is growing. Chris Ainsley, the head of fraud risk management at Santander UK, says it is hard to get a full picture of the scale of the fraud. 'Unless drivers receive a parking ticket, a lot of people are unaware that their personal or card details were compromised in this way,' he says. 'When it comes to reporting the eventual scam, often the fact that it originated through quishing goes undocumented.' A QR code where you might expect to see one – on a parking charge machine, on a post in a car park or sometimes on a public EV charger. The code will be on a sticker. The website will ask for your payment details. It will also ask for your car details, but that is likely to be just an attempt to convince you it is a legitimate parking website. You may later get a call from someone pretending to be from your bank who will use the information you have given and tell you that you have been defrauded and need to move your money to a safe account. The safe account is actually in the control of the scammers. Do not do as they ask – your real bank would never request this. Be suspicious of any QR code on a parking payment machine or signpost in a car park. Check that it has not been stuck over a legitimate code. If you have the right parking app already on your phone, use that rather than scanning a code. Use cash or a card to pay at a machine if those are an option. Check the URL of the website before you click on it – it should appear on your phone as you scan the code. Do not click on it if it looks suspicious. When you land on a page through a QR code, check details to make sure it is not a fraudulent version. Giveaways include weird URLs and bad spelling. Check that the URL includes HTTPS, rather than HTTP, before handing over details. Keep an eye on your bank account and report any suspicious payments to your bank. Report the scam to the local council, police and car park owner if it is a private company.
Daily Mirror
12-05-2025
- Daily Mirror
All WhatsApp users placed on red alert - delete 'dangerous' new message now
WhatsApp users must be on high alert and avoid being fooled by the return of a popular scam. Anyone who regularly uses WhatsApp - or rival text message platforms - must keep an eye out for the resurgence of a worrying attack. It appears that scammers are back and trying to steal money using the devastating "Hi mum" text. For those not aware, this highly successful scam attempts to trick victims into handing over money to someone they believe is a loved one in trouble. It has certainly paid off for the online thieves, with millions thought to have been lost to the tactic. The threat usually starts with a very simple text that just says, "Hi, mum" or "Hi dad". As soon as the victim responds, the online thieves then attempt to trick them into handing over money with pressure tactics used to force payments before people have a chance to consider what they are doing. Making things even more worrying is the use of AI. Scammers can now create voice messages which sound just like the family member in need. These are then used to increase the chances of an attack being successful. "We're hearing of instances where AI voice impersonation technology is being used to create WhatsApp and SMS voice notes, making the scam seem ever more realistic," Chris Ainsley, Santander's head of fraud risk management, explained. 'If you're ever asked for money out of the blue on any social or communication platform, verify the request by picking up the phone.' Security experts are also warning users to be wary before replying to any messages that ask for money or begin with "Hi mum". "Scammers aren't hacking devices, they're hacking emotions," Luis Corrons, Security Evangelist at Norton explained. "These 'Hi Mum' messages weaponise trust, urgency and love. And that makes them more dangerous than any malware. This scam works not because parents are careless, but because they care. "When you get a message from your child saying they're in trouble, your first instinct is to help. Scammers know that and exploit it." Norton has also now announced five vital tips on how you can protect yourself and your loved ones from these attacks. Check them out below and please stay alert. • Contact them in person: Reach out to your child using the number you already know. This can quickly reveal whether something is off. • Be careful with generic language: If a message starts with "Hi Mum" or "Hi Dad" and sounds impersonal or unlike your child's usual tone, be cautious. • Question financial emergencies: Emotional pressure is common in these scams. Stay calm and verify the situation before making any decisions. • Stay up to date: Learn about emerging scams and make sure your phone is protected with trusted security software.
South Wales Guardian
10-05-2025
- Business
- South Wales Guardian
Santander issues urgent WhatsApp warning to all customers
Between 2023 and 2025, UK victims lost £226,744 to these scams, according to Action Fraud. The latest scam, which has been doing the rounds for some time, is an impersonation scam. Impersonation scammers do not always pose as children – sometimes they pretend to be friends, and sometimes they claim to be parents. How to call your bank by dialling just 3 numbers… simply dial 1-5-9! Then you know it's legit, watch the video for more info. Please share, the more people know, the fewer will be scammed. 'Hi mum,' the first message starts, 'I've lost my phone.' Chris Ainsley, Santander head of fraud risk management, says the scams are evolving at 'breakneck speed'. He says: 'We're hearing of instances where AI voice impersonation technology is being used to create WhatsApp and SMS voice notes, making the scam seem ever more realistic.' Scam texts can be forwarded to 7726, and WhatsApp messages can be reported via the app. Experts advise verifying requests for money by contacting the supposed sender directly via a known phone number, and to avoid transferring money to unfamiliar accounts. Hannah Bingle, Yorkshire Building Society Financial Crime Awareness Specialist, explains what to do if you receive a 'hi mum' message. Hannah says: "Scams where the sender pretends to be a loved one can be really unsettling. Recommended reading: "If you receive a message claiming to be someone you know using a new number, don't take it at face value. Try to call them on their existing number – you can quickly find out if the real person knows about the messages. "If you're still not sure, you can ask something the genuine person would know but a scammer couldn't guess. Something simple like where you last met, the name of a pet or someone you both know. "Don't be rushed into sending anything. A real family member or friend wouldn't mind you checking their details before handing over your money or information."
Scottish Sun
06-05-2025
- Scottish Sun
Urgent warning to parents on WhatsApp over worrying message that tricks users into handing over cash
Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) PARENTS are being urged to stay vigilant as a Whatsapp scam targeting mum's and dad's is becoming increasingly prevalent. Scammers pretend to be the victim's children, beginning their messages with 'hi mum', or 'hi dad'. Sign up for Scottish Sun newsletter Sign up 2 Parents have been warned over a WhatsApp scam Credit: Getty 2 The scam targets concerned parents Credit: Getty They then claim to have lost their phone and be locked out of their bank account, praying on the parents' concern for their children's safety. Eventually, the fraudsters beg the mum or dad for rent money, with parents often forking out as they genuinely believe the texts are from their children. These messages often arrive via WhatsApp or text message, with scammers also sometimes pretending to be close friends or parents. According to Action Fraud, these types of scam messages led to a financial loss of £226,744 in the UK between 2023 and 2025. Scammers were most successful when pretending to be sons, followed by daughters and then mothers, according to data collected by Santander. Chris Ainsley, Santander's head of fraud risk management has warned that the the scam is now becoming more believable thanks to the use of AI. He told The Independent: "We're hearing of instances where AI voice impersonation technology is being used to create WhatsApp and SMS voice notes, making the scam seem ever more realistic. "If you're ever asked for money out of the blue on any social or communication platform, verify the request by picking up the phone." These scams, known as 'smishing' (a combination of SMS and phishing) begin with a friendly message, pretending to be someone close to the recipient. If the messages are ignored, the senders often send repeated messages, using generic details to try and strike up a conversation, and make the recipients believe they are talking to family members. The scammer will then claim that they urgently need money as they don't have access to their bank account, and will ask for money to be transferred to an unrecognised account. For anyone worried that they are being targeted by this scam, experts recommend contacting your loved one via their real number, and waiting a while to see if they respond. You could also ask a question that only your loved one would know the answer to, or set up a code word in advance to ask the sender for if you worry they are not who they say they are. If you have already sent the cash over before releasing you are the victim of a scam, you should call the bank straight away to stop the payment. What is phishing? HERE's what you need to know: Phishing is a type of online fraud It's typically an attempt to nab some of your data Phishing generally involves scammers posing as a trustworthy entity For instance, fraudsters could send you an email claiming to be your bank, asking for details Scammers can also set up fake websites that look like real ones, simply to hoodwink you Phishing can take place over email, social media, texts, phone calls and more The best defence against phishing is to be generally sceptical of weblinks and emails, especially if they were unsolicited This comes after WhatsApp closed down on three mobile devices, with affected users blocked from sending or receiving messages. From Monday, only users with iPhones capable of supporting iOS version 15.1 and newer are able to use the messaging app. The models affected by the switch off are iPhone 5s, iPhone 6 and iPhone 6 Plus. All of these models were released over 10 years ago, so if you have purchased a phone in the last decade, you should be unaffected. Explaining the reason for the shutdown, WhatsApp said: "Devices and software change often, so we regularly review what operating systems we support and make updates. "Every year we look at which devices and software are the oldest and have the fewest users. "These devices also might not have the latest security updates, or might lack the functionality required to run WhatsApp. "Before we stop supporting your operating system, you'll be notified in WhatsApp and reminded a few times to upgrade."
