QRTrust Logo
Don't trust every QR code.
Back to blog
Security

Police Warn: New Quishing Scam Targets Classified Ad Sellers

8 min read

Three cases in Märkischer Kreis: Scammers send QR codes to sellers on classified ad platforms. Those who scan end up on fake payment pages and lose money.

Wuppertal Police warn of a new quishing variant that specifically targets sellers on online classified ad platforms. Three documented cases from the first half of 2025 show: Scammers are getting more creative – and victims remain unaware.

The New Scam: QR Codes Instead of Bank Transfers

In Iserlohn, Meinerzhagen, and Altena (Märkischer Kreis), three fraud cases were reported in the first half of 2025, where sellers on classified ad portals became victims of a new quishing method.

The scam is insidious: A supposed buyer responds to the ad – whether for a camera, shoes, or a Lego set. Instead of a normal bank transfer, the 'buyer' sends a QR code with the note that this is the fastest way to payment.

The documented cases:

  • Iserlohn (January 2025): Camera seller receives QR code, scans it, lands on fake payment page
  • Meinerzhagen (February 2025): Shoe seller receives code via WhatsApp, enters bank details
  • Altena (March 2025): Lego seller is prompted to enter login credentials via manipulated code

How the Scam Works

Step 1: Initial Contact

The scammer responds to a classified ad and poses as a serious buyer. Communication often occurs via WhatsApp or email.

Step 2: QR Code Instead of Transfer

Instead of a normal bank transfer, the scammer sends a QR code with the explanation: 'Scan this code to confirm payment' or 'This is how you can quickly receive the money'.

Step 3: Fake Payment Page

The QR code leads to a deceptively real replica website of a well-known payment service provider (PayPal, Klarna, etc.). The page looks professional – with logo, correct colors, and realistic design.

Step 4: Data Theft

The victim is asked to enter their bank details or login information 'for verification'. Once the data is entered, the scammers have access to the account.

Step 5: Unauthorized Debit

Instead of receiving money, the seller's account is charged. Often, multiple transactions are executed immediately before the victim notices the fraud.

Why This Scam Is So Dangerous

Trust in the Sales Process

Sellers expect to receive money, not to pay. The prospect of quick payment lowers vigilance.

Deceptively Real Fake Sites

The fake payment pages are professionally designed and hardly distinguishable from real websites. Even the URL looks legitimate at first glance (e.g., 'paypa1-secure.com' instead of 'paypal.com').

Time Pressure and Manipulation

Scammers put sellers under time pressure: 'I need the item urgently' or 'I'll transfer immediately if you scan the code'.

Communication Outside the Platform

As soon as communication moves from the classified ad platform to WhatsApp or email, the platform's security mechanisms no longer apply.

Police Recommendations: How to Protect Yourself

Wuppertal Police provide clear recommendations for sellers on online platforms:

1. Stay on the Platform

Conduct all sales negotiations within the classified ad platform. Do not switch to WhatsApp, email, or other channels.

2. No QR Codes for Payments

Legitimate buyers transfer directly via bank transfer or use the platform's payment function. QR codes are NOT common for payment recipients.

3. Check Internet Addresses

If you must scan a QR code, check the target page URL carefully. Look for typos, additional characters, or unusual domains.

4. Never Enter Login Credentials

As a seller, you don't need to 'log in' or 'verify' anywhere to receive money. Anyone asking for login details is a scammer.

5. Be Suspicious of Time Pressure

Scammers put sellers under time pressure. Legitimate buyers have no problem waiting for a normal bank transfer.

QRTrust: Technical Protection Against Classified Ad Fraud

While police educate, QRTrust provides technical protection. Before you scan a QR code – whether on classified ads, parking meters, or in official mail – QRTrust checks in real-time if the target URL is safe.

How QRTrust Protects You:

  • Scan QR code with QRTrust instead of the camera app
  • Instant check against 50,000+ known phishing URLs
  • AI-based detection of suspicious patterns (e.g., typos in domain names)
  • Redirect tracking: QRTrust follows redirects and shows the final target URL
  • Clear warning BEFORE visiting the site – not after

How to Use QRTrust:

  1. Open qrtrust.de in browser (works on any smartphone)
  2. Tap "Scan QR Code"
  3. Point camera at the code
  4. Wait for result: Green (safe), Yellow (suspicious), Red (danger)
  5. Only proceed with green result

For Classified Ad Platforms: Integration Possible

Platforms like eBay Kleinanzeigen, Vinted, or Kleinanzeigen.de can integrate QRTrust directly to protect their users:

API Integration

QRTrust offers a REST API that any platform can integrate into their security systems. Suspicious QR codes are automatically blocked.

Browser Extension

Users can install the QRTrust extension, which automatically checks all QR codes on websites.

Whitelisting

Platforms can have their official QR codes (e.g., for payments) marked as safe with QRTrust.

What to Do If You've Been Scammed

If you've already scanned a suspicious QR code and entered data:

1. Contact Bank Immediately

Call your bank immediately and have your card blocked. Many banks can still stop transactions if you act quickly.

2. Change Passwords

Change all passwords you entered on the fake site – especially for online banking and email.

3. Notify Police

File a report with your local police or online via the online police station in NRW. Collect all evidence (screenshots, chat logs, phone numbers).

4. Report to Platform

Report the fraud to the classified ad platform. They can block the scammer and warn other users.

5. Report Phishing URL

Report the fake website to QRTrust (qrtrust.de) or directly to Google Safe Browsing so other users can be warned.

Conclusion: New Quishing Wave Requires Vigilance

The cases from Märkischer Kreis show: Quishing is no longer limited to parking meters and official mail. Scammers exploit every opportunity where people scan QR codes – now also when selling online.

Police appeal to sellers: Stay on the platform, don't accept QR codes for payments, and be suspicious of time pressure.

Technical solutions like QRTrust provide additional protection. Those who check before scanning can prevent fraud before damage occurs.

Source

*About QRTrust: QRTrust is Germany's first QR code security platform, developed in Dortmund. With AI-powered real-time detection, local threat database, and 6-layer security check, QRTrust protects citizens, authorities, and businesses from quishing attacks. GDPR compliant, hosted in Germany. Participant in start2grow, the startup competition of Dortmund Economic Development.*

Back to blog