- Fraud at the loading dock: expert warns against false payment codes
Charging electric cars is far from a uniform process – there are different providers, various tariffs, and above all, many payment methods. The most popular way to pay for electricity from a charging station is likely a charging card. But what if the charging station doesn't accept it? Sometimes, the only option left is a QR code that allows you to pay and start the process.
As reported by the magazine "Auto Motor und Sport", more and more cases are being reported across Europe where the genuine provider's codes are being replaced with fake ones. Unsuspecting users are then lured into a trap with deceptively authentic but different codes. Here's how it works: The fraudulent QR codes on the charging station redirect to a manipulated website that looks like the portal of the corresponding electricity provider. Customers are then asked to enter their bank or credit card details to start the charging process. However, instead of being able to charge their car, a surprisingly large amount is debited from their account, and the money is gone.
There's an even more cunning variant of this scam, according to "Auto Motor Sport". In some cases, the targeted payment page behind the QR code was even the genuine provider's address. But with an addition: Through a clever redirect, the fraudsters were able to intercept the entered payment details, giving them a significant advantage. The electricity customer gets a functional charging station, which greatly increases the time window for misusing the entered data. Because if the station doesn't deliver power after the payment process, many victims will become suspicious quickly.
Electric car drivers across Europe are at risk
The IT security expert Eddy Willems told the specialist magazine: "Especially newly minted electric car drivers who are not yet familiar with public charging stations are at risk." He is aware of cases from Belgium, the Netherlands, France, Spain, Italy, and Germany.
Willems advises, if possible, to scan QR codes that are located on the screens of the charging stations – because they can't be covered up. Providers of charging stations react differently, but there seems to be a consensus: Either use the apps of the companies, as they are better protected against manipulation, or use the credit card readers on the stations instead of paying through a browser.
If there's only a sticker on the station, a victim who told his story to "Auto Motor Sport" has established the "nail test" as a reliable test. He feels with his fingernail whether there's another sticker underneath – this helps to expose fraudulent codes.
Electric car drivers using QR codes for payments at unfamiliar charging stations should be vigilant, as reported incidents of fake QR codes replacing authentic ones have led to financial losses. Eddy Willems, an IT security expert, recommends scanning QR codes from the charging station screens if possible, as they're harder to manipulate, or using credit card readers instead of paying through a browser.
Considering the rise of electric car usage across Europe, it's crucial for drivers to be aware of these scams to protect themselves and their finances while charging their vehicles.
