Fraud moves into payment UX

Reports show fraud is increasingly attacking user interfaces: Klarna customers are being targeted with phishing and fake payment requests, and fake QR codes on Linz parking machines have redirected users to scam sites. Those incidents highlight attacks through payment prompts and QR surfaces rather than only backend transaction anomalies. (it-boltwise.de), (kleinezeitung.at)

Payment fraud is shifting to the screen people trust most: the checkout prompt, the invoice link, and the QR code on a machine. (klarna.com)

Klarna says scam attempts can arrive by email, text message, or phone call from people impersonating the company, often pushing users to click links, share one-time passwords, or hand over payment details. The company tells customers not to respond, not to click, and to report the attempt through its phishing form. (klarna.com)

If a customer sees an unauthorized purchase in Klarna, the company says they can report identity theft in the app and have payments paused while Klarna investigates. Klarna also tells users to contact their bank or card issuer, change their password, enable two-factor authentication, and file a police report. (klarna.com)

In Linz, Austria, the same playbook showed up in physical form. The city said on April 9, 2026 that unknown people placed fake QR-code stickers on parking machines to redirect drivers’ payments to fraudulent accounts. (linz.at)

Linz described the method as “quishing,” a phishing scam that uses a QR code instead of an email link. The city said the fake stickers were placed over official EasyPark codes on multiple machines across the city. (linz.at)

Austria’s public broadcaster ORF reported that one fake parking page demanded an immediate registration payment of 250 euros, while the real system charges only the actual parking fee. ORF said a resident and city inspectors spotted the stickers, the city filed a police report, and no damage had been reported at that point. (orf.at)

The common thread is that the fraud happens before any bank’s back-end controls can flag an odd transfer. The victim is being steered by a convincing interface that looks like a normal bill, a normal payment request, or a normal code to scan. (klarna.com)

That changes what “checking for fraud” looks like. Klarna tells users to verify that links match Klarna’s domain and to treat urgency, threats of account deactivation, and requests for passwords or payment details as warning signs; Linz tells drivers to inspect whether a QR label has been tampered with and to look for the official EasyPark marking. (klarna.com) (linz.at)

Linz has now said it will tighten checks on parking machines across the city, and Klarna is routing users toward in-app fraud reporting and phishing reports. In both cases, the first defense is no longer just spotting a bad transaction after the fact; it is spotting a fake payment surface before money moves. (linz.at) (klarna.com)
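The link check described above, as an added example that is not code from Klarna, Linz or EasyPark: it compares the host of a URL taken from a message or decoded from a QR code against the domain the payer expects, and rejects the usual lookalike forms. The function name `check_payment_url` and the operator domain `parking.example` are assumptions, and all sample URLs are constructed.

```python
from urllib.parse import urlsplit


def check_payment_url(url, expected_domain):
    """Return (ok, reason) for a URL from a message or a decoded QR code."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
        port = parts.port  # raises ValueError on a non-numeric port
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not https"
    # "https://brand.com@other.host/" shows the brand but connects elsewhere.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo before host"
    if port not in (None, 443):
        return False, "unexpected port"
    # Non-ASCII or punycode labels can render like the expected name.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "internationalized host"
    expected = expected_domain.lower()
    # Exact match or a true subdomain; a bare suffix match is not enough.
    if host == expected or host.endswith("." + expected):
        return True, "host matches expected domain"
    return False, "host is not under expected domain"


# Constructed samples: (URL, domain the payer expects).
SAMPLES = [
    ("https://www.klarna.com/pay/123", "klarna.com"),
    ("https://klarna.com.pay.example.net/invoice", "klarna.com"),
    ("https://klarna.com@pay.example.net/", "klarna.com"),
    ("http://www.klarna.com/", "klarna.com"),
    ("https://kl\u0430rna.com/", "klarna.com"),  # Cyrillic "a" in the host
    ("https://fakeparking.example/register", "parking.example"),
]

if __name__ == "__main__":
    for url, domain in SAMPLES:
        ok, reason = check_payment_url(url, domain)
        print("OK  " if ok else "FAIL", repr(url), "-", reason)
```

A passing result only means the host is under the expected domain; it says nothing about whether a sticker has been placed over the original code.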
