Gregory's Server|
87 comments
 @IanMoore3000 @amckinstry that's gon' be hard to detect if you have poor eyesight.  @pavsmith @IanMoore3000 @amckinstry Even if you have great eyesight, an updated URL code sticker is just the sort of thing a corporation would do, too. @Frances_Larina @IanMoore3000 @amckinstry paul blinks. thinks about it for a second. realises you're right. yeah, what could possibly go wrong.  @Frances_Larina @pavsmith @IanMoore3000 @amckinstry @TundraWolf You know they tell you to report anything suspicious on cash machines? A few years ago barclays uk machines got a green plastic protector over the card slot. It looked weird, I rang Barclays.. "Oh, we upgraded all the machines like that, but we didn't tell anyone about it..." @chloeraccoon we got a TEXT from our bank the other week wanting us to confirm a transaction on our credit card by texting back a yes or no. Husband blocked the number, the bank literally say on their Comms they won't text customers. But ..it was them and our fecking card got blocked cos we didn't answer!! @miridescent I get a letter every month from barclays saying they tried to email me about a new statement for my accounts being ready, but the email bounced back. Which is an interesting lie, as they don't have my email address... @amckinstry Can we go back to change please? I don't think it's fair to have payment systems that require a smartphone.  @michaele Seriously!! The apps don't even work half the time in my experience! @amckinstry Also, being required to use "google pay" or "apple pay" is intrusive and anti-privacy. You can have a smartphone and still not want to have financial arrangements with those services. I've had an iPhone since they were first introduced in 2007. I've still never set up payments with apple pay or google pay and hopefully will never have to.  @pieist @michaele @amckinstry I tried to use an "app" to pay for parking once. After many minutes of pissing around both on the phone and on the web site on a real computer I gave up. That's not how to build a system if you actually want people to give you money. But currency can't track where you park & positively identify you via your payment method? @amckinstry Complements the 'fine UK number plates for unevidenced alleged lane/toll infractions in Eire from a private debt-collection-shark address in London paying DVLA Swansea for the associated personal data-breach' scam then. @RejoinEU @amckinstry "Eire" is an Irish-language word meaning "burden". I think you mean "Ireland"?  @dec23k @RejoinEU @amckinstry Sure. But does he also get the Eurostar to Francais before driving on to Nederland, Deutschland and Osterreich? Or would he just write France, the Netherlands, Germany and Austria? If so, then why "Eire"? @dec23k @RejoinEU @amckinstry You don't really believe for a moment that Simon was trying to use Irish, do you? I'm sure he's lovely and all, but it was a use of "Eire" that I found condescending, when he should have used "Ireland", which is, unfortunately, all too common.  @amckinstry Whoa. It seems like such a obvious way to scam people. I guess it's a good thing to be very careful with retroactively updated or patched QR-codes. However, the sticker in the picture is too small and not applied in the conventional orientation, so luckily that one is easier to spot. @floppy @amckinstry I expect plenty of people don't realise that QR codes are supposed to always be in the same orientation, since the phone applies the transformation anyway @trantion @amckinstry I agree, likely many people don't know or don't care. But for those who do at least it's a hint something might be going on. And then ideally take action and remove a scammy QR sticker. @floppy @amckinstry  @nf3xn @amckinstry Not something I was suggesting, but I agree, fraud prevention should kick in earlier in the process. @floppy @amckinstry IKR but how 'easier to spot' when you aren't looking? This implementation is indefensible but it was rolled out anyway. They took away the only really secure way of paying - CASH because its convenient *for them*, for tracking and so they could charge outlandish fees. Probably the manager who championed this at the local muni now works for the parking meter company. That is not to say that you could not put a QR code on a hydrant and some idiot will scan it.  @floppy @amckinstry It also seems like a problem a business like this could have, where a payment provider needed to change but they couldn't afford to re-print the enamel boards. @floppy @amckinstry Unfortunately you could have a very nice professional-looking sticker overlaying the real one which was perfectly easy to spot, and many people would use it anyway assuming it was an official amendment/correction and not a scam.  Probably a web site which only charges for nothing and registers your credit card number and pin. I refused to pay last time I was in a lot that only had app payment options. I happened to not get a ticket, but I wonder how this would go over in court. We have a concept of "legal tender" for a reason. How can someone force me to download a thing (which I don't have a phone that can handle anyways) to pay? Now we see they are ripe for scam artists. I do wonder how fighting such a ticket would go. It would set precedence in some way or another. @chu you are free to not use the lot. Using a service and not paying because the payment options aren't to your liking doesn't seem like a good argument in court @sven @chu exactly. At least in the US you’d have no general right to use the lot, so the owner could specify whatever payment type they wanted. I don’t think this requires downloading an app though, the QR code is just to link you to their website to pay. A small point I know, and not germane to your original complaint. @amckinstry I'm so glad I left my car in Roscoff and use public transports during my short stay in Ireland. I had a free bus ride last night during a driver shift. The new driver didn't want us to wait in the rain and let everyone in for free 😀  There are no honest jobs anymore, and the rent is too damn high. @amckinstry The URL is right below the QR-code! I personally never scan those codes because i KNOW that there are scammers everywhere and i'm not too lazy to type in the URL into my browser. @amckinstry There's one reason I might have detected this without looking closer: The smaller square is at the top left instead of the bottom right (which of course doesn't make it unreadable, it's only upside-down from the usual orientation)  @waltertross     @amckinstry Absolutely endemic in the UK. People get scammed for card details and then also fined for not paying for parking. It's a mechanisation of an old scam though - people used to dress as parking attendants at isolated car parks and put out of order notices on the machines then just collect the money and vanish. @amckinstry All the fixes I can think for this - eg putting QR codes recessed behind a glass window with a sign saying "Do not scan if QR code not in this window" fail by scammers simply "skimming" the entire machine with a bogus machine front. @geospacedman @amckinstry @TundraWolf First failure: "with a sign". We all know people don't read signs, esp if they say "cash only", "Do not park here", etc...  @amckinstry i like to imagine it is a crafty person who actually needs the money trying to stick it to predatory companies. @anghenfil Are there malware checkers on any QR code reader for Android / IPhone ? @amckinstry That would only help against malware, I suspect mostly it will be a phishing webpage replacing the payment page. @anghenfil It seems to me that a quick improvement would be a standard text copy of the domain name immediately on top of the QR code, so that a phone could compare the URL and someone would be suspicious of a QR code labelled "scam_me.ru". @anghenfil @rugk This is where domain registrars should be earning their money. @amckinstry @anghenfil @rugk If you’re registering the domain name then you’re the registrar’s income stream. They’re not going to want to block you for any reason. And criminals are probably excellent customers because they need to register new domains all the time as the authorities shut down the old ones. To presume that the registrars would put the public’s interest ahead of their own seems very optimistic. @anghenfil @amckinstry @amckinstry Remember kids, QR codes can be tampered with just by sticking another code on top. Use QR codes responsibly. @amckinstry Maybe it isn't a scam and they got a new domain or something and don't wanted to buy a new sign? 🤔  Did the company write the URL which it redirects to below the QR code? I hope the company wrote the URL which it redirects to below the QR code. @amckinstry I'm not scanning a random qr code that's accessible to just anyone. Fuck off with that @amckinstry Nobody is *really* daft enough to point a phone at a QR code they see somewhere out in public are they?  @amckinstry@mastodon.ie position markers on the bottom right kind of gave it away, but you have to be a pretty huge nerd to notice that (I noticed)  @amckinstry QR codes require the background border around the entire code. That code likely won't scan. Scammers are getting sloppy.  |
@amckinstry wow, I am in awe of the criminal ingenuity