Scammer Allegedly Replaced M’sia Eatery’s Payment QR Codes So Payment Will Go to His Account Instead


Advertisements
 

QR Code Shenanigans Uncovered as Crafty Scammer Targets Unsuspecting Patrons

With the rising prevalence of e-payments via QR codes in this decade, it is to be expected that scammers are also developing their schemes in tandem.

A scammer in Seremban, Malaysia, has reportedly replaced a QR code with one that links to his own account, effectively tricking unsuspecting patrons into paying money to the wrong recipient.

The unfortunate victim of the crime was an eatery known as Lucky Kitchen, which had been operating for just over two months. It sells a variety of banmian dishes.

(Guess they weren’t that ‘Lucky’ after all…)

QR Code Led Patron to Another Bank Account

According to Sin Chew Daily, sometime before 26 November 2023, a customer of the eatery Lucky Kitchen was puzzled to find that upon scanning the QR code provided at the cashier, they were linked to an e-wallet account under the name Kway Hing Lai instead. 

With all the alarm bells setting off and red flags rising, the customer immediately brought it to the owner’s attention.

The scammer’s QR code was allegedly pasted atop of the restaurant’s QR code standee when the staff were not paying attention. When peeled off, the correct image linking to the restaurant’s account was revealed.

A friend of the owner, under the user handle Yingzz Lim Dkj, took to Facebook on 26 November to express her outrage at such a blatant yet cunning scam. 

“This scammer is amazing! Taking advantage of one’s busy schedule to put their own QR code on the restaurants,” she wrote in Mandarin. 

She identified the scammer Kway Hing Lai in her post, hoping to get any information from her followers.

She also warned fellow entrepreneurs to keep an eye on their QR codes, lest the same fate befalls them and they could potentially lose thousands of dollars as a result.


Advertisements
 

Scammer Used Real Name for E-Wallet

Yes, despite a seemingly diabolical plan, the scammer had seemingly forgotten to change the name of his account.

The original poster of the Facebook post told Shin Chew Daily News that the suspect was identified as a 53-year-old man, having found an address, phone number and photo linked to his Touch ‘n Go account.

Unfortunately, as the CCTV was not working at that time, authorities were not able to get a good look at the suspect’s appearance, but the poster hopes that they will be able to bring him to justice soon.

Despite the unfortunate circumstances, many Facebook commenters express doubt that a scammer would carelessly leave his private information around so easily, wondering if it was just a harmless prank. 

Commenters also reminded other netizens to double check with their merchants before making any transactions in the future. 

Owner Steps in to Improve Security in Restaurant

The eatery operator, Ms Loke Jingyi, told news outlets that she had been busy with running the restaurant since 7:30AM in the morning. 

She did not realise that her QR code standee had been maliciously tampered with.

Loke also expressed relief that no one had used the Touch ‘n Go e-wallet for payment before its discovery, which meant that there were no losses incurred that day.

The Touch ‘n Go system, using Malaysia’s DuitNow QR codes, enables not only Malaysians but also tourists from Singapore, Thailand, and Indonesia to conduct transactions through their respective local bank accounts.

While the investigations are ongoing, Ms Luo has decided to keep the QR payment standee out of reach from any patrons, and to install a speaker system that would audibly announce each time a payment had been received.


Advertisements
 

“Even though this will be more troublesome and involve some additional steps,” said Loke, “prevention is the best way to avoid the scenario where the customer has paid but the retailer cannot receive payment – a lose-lose situation.” 

Stay Safe, Stay Vigilant!

Singapore has its own fair share of QR Code scams too, with a man losing S$50 to a third-party QR code leading to a fake URL in May 2023 and a 60-year-old woman who lost $20,000 after scanning a QR code infected with malware

We should all remain vigilant to make sure we do not fall victim to these increasingly evil schemes. You can visit here to learn more about scams in Singapore.