Quishing attacks doubled in 2026. Stickers over real QRs on parking meters, menus, and flyers send you to phishing sites that look like the real thing. Decode the QR, paste the URL — ScamGuard checks it in seconds.
Sticker QR on a meter takes you to parking-pay.online — looks real, takes your card, no parking purchased.
An 'invoice' email with a QR instead of a link — bypasses your email filter and lands on a credential phishing page.
Quishing = QR code phishing. Scammers stick fake QR codes over real ones (parking meters, restaurant menus, charity flyers) so when you scan, you land on a phishing site instead of the real one.
Scan it with a camera app that previews the URL (most modern phones do this). Copy the URL and paste it into ScamGuard before tapping. Never tap a QR preview URL you don't trust.
Treat email QR codes with extra suspicion — attackers use them to bypass URL-scanning filters. Decode the QR with a scanner app, paste the URL into ScamGuard, then decide.
Many cities never put QR codes on meters. If there's a sticker QR (especially one that looks recently added), it's almost certainly a scam. Pay via the city's official app or website.
Yes.
1 free check, no signup needed. Then create an account for unlimited investigations.
We use cookies
ScamGuard uses cookies and the Meta Pixel for analytics and to improve scam detection. You can accept or decline non-essential cookies. See our privacy policy.