QR code-based phishing campaign impersonates court notices for traffic violations
Summary
Hide ▲
Show ▼
A phishing campaign distributing fraudulent court notices via SMS targets U.S. residents with fake traffic violation claims, instructing recipients to scan a QR code that leads to a credential-stealing site. The messages impersonate state courts or DMVs and demand a $6.99 payment under threat of court action. Recipients across multiple states including New York, California, and Texas have reported the campaign, which uses CAPTCHAs and intermediary domains to evade detection. Scanned QR codes redirect victims to spoofed agency portals where personal and financial data is harvested.
Timeline
-
05.04.2026 22:44 1 articles · 2h ago
QR code phishing campaign escalates traffic violation scams with court notice impersonation
A new SMS phishing campaign distributes fraudulent court violation notices across multiple U.S. states, instructing recipients to scan a QR code leading to a credential-stealing portal. The campaign employs CAPTCHA challenges and intermediary domains to evade detection and analysis, targeting victims under the pretense of unpaid parking or toll violations with a uniform $6.99 demand.
Show sources
- Traffic violation scams switch to QR codes in new phishing texts — www.bleepingcomputer.com — 05.04.2026 22:44
Information Snippets
-
The campaign leverages SMS messages claiming to be from state courts or DMVs, alleging unpaid parking or toll violations with imminent court action.
First reported: 05.04.2026 22:441 source, 1 articleShow sources
- Traffic violation scams switch to QR codes in new phishing texts — www.bleepingcomputer.com — 05.04.2026 22:44
-
Recipients are instructed to scan a QR code embedded in a fraudulent court notice image, replacing direct phishing links used in prior 2025 toll violation scams.
First reported: 05.04.2026 22:441 source, 1 articleShow sources
- Traffic violation scams switch to QR codes in new phishing texts — www.bleepingcomputer.com — 05.04.2026 22:44
-
Scanning the QR code redirects to a CAPTCHA-protected intermediary page designed to hinder automated analysis and researcher investigation.
First reported: 05.04.2026 22:441 source, 1 articleShow sources
- Traffic violation scams switch to QR codes in new phishing texts — www.bleepingcomputer.com — 05.04.2026 22:44
-
Successful CAPTCHA completion leads to a spoofed DMV or state agency site (e.g., ny.gov-skd[.]org, ny.ofkhv[.]life) requesting a $6.99 payment for the alleged violation.
First reported: 05.04.2026 22:441 source, 1 articleShow sources
- Traffic violation scams switch to QR codes in new phishing texts — www.bleepingcomputer.com — 05.04.2026 22:44
-
Victims are prompted to enter personal information (name, address, phone, email) and credit card details, which are subsequently exfiltrated.
First reported: 05.04.2026 22:441 source, 1 articleShow sources
- Traffic violation scams switch to QR codes in new phishing texts — www.bleepingcomputer.com — 05.04.2026 22:44
-
The campaign has been reported in at least eight U.S. states: New York, California, North Carolina, Illinois, Virginia, Texas, Connecticut, and New Jersey.
First reported: 05.04.2026 22:441 source, 1 articleShow sources
- Traffic violation scams switch to QR codes in new phishing texts — www.bleepingcomputer.com — 05.04.2026 22:44