Dive Brief:
- When Gettysburg, Pennsylvania, alerted businesses June 10 to a parking lot scam, it was a reminder that facilities are vulnerable to quishing – the fraudulent use of QR codes.
- Scammers were collecting people’s financial information by sticking QR codes onto parking meters and inside a municipal garage and directing drivers to scan the codes to make parking payments.
- "The Gettysburg Parking Department does not use QR codes [for drivers] to pay for parking," the municipal government said in an announcement about a rise in this type of scam, local news sources reported.
Dive Insight:
Quishing, also known as QR code phishing, is often used in email or website scams, but scammers are using it in physical spaces as well, the U.S. Postal Service says in a February alert.
“Scammers post physical images of QR codes in a high traffic location [that] takes you to a scammer’s website … where the scammer lures you into providing personal or financial information,” the Postal Service says.
Widely available software programs like Adobe Express and Canva make printing QR codes simple. That gives scammers an easy way to create official-looking codes that can be placed on parking turnstiles and elsewhere on a property's premises.
“Signs, posters, flyers, or other physical locations” are quishing targets, the Postal Service says.
Unlike with URLs in online scams, people can’t hover over the code to look for telltale signs of fraud, like slight variances in website names.
“It’s just an image,” Dave Hatter, a cybersecurity specialist, says in a news report by WKRC in Cincinnati. “You would literally have to scan it to test it.”
In the Gettysburg case, people who scanned the code were taken to a fake parking website, where they were asked for payment information.