Watch out! How to avoid EV charging station scams
The rise in EV adoption across Europe inadvertently creates opportunities for fraudulent activities related to EV charging. Fraudsters can prey on consumers new to EVs that may not be aware of how to use charging stations or what could be suspicious behaviour.
Don’t worry, if you know what red flags to look out for you’ll be confident in using charging points safely. As with most scams, if it sounds too good to be true it probably is. By understanding how these scams operate you can take proactive steps to protect yourself, and potentially others, from becoming victims of a fraud.
Scammers are after your personal and financial details because they can:
- sell these to other fraudsters,
- use it for identity theft,
- open accounts in your name,
- obtain services in your name,
- steal funds from your bank account,
- use obtained login credentials to access other accounts that are using the same login (username and password),
- make unauthorised purchases in your name
1. Fake subscription scams
Aimed at targeting individuals looking for memberships or subscription based services giving them access to EV charging networks that may offer lower prices or other benefits that are not available to non-members.
How do they do it?
Scammers craft an appealing offer, advertising a subscription or membership that promises significant advantages. The fraudulent offer is marketed through various channels, including social media, email campaigns, fake websites, or even through cloned apps that mimic legitimate services. These communications are designed to look professional and trustworthy, often using logos and branding that resemble those of legitimate companies.
The catch
When you sign up through a form you are providing personal information and payment details. This is crucial as it allows scammers to collect sensitive information that can be used for further fraudulent activities. Your personal and financial information can be sold for identity theft or unauthorised transactions.
Red flags to watch out for
Unrealistically low prices, high-pressure sales tactics, or requests for unnecessary personal information.
How to verify the authenticity
Always use official websites or apps for subscriptions. Avoid clicking on links from unsolicited emails or social media ads.
Research the company offering the subscription. Look for reviews, complaints, and official affiliations.
Be wary of services demanding payment via wire transfer, cryptocurrency, or gift cards.
2. QR code tampering scams
QR codes are increasingly popular for initiating charging sessions and making payments. QR code scams exploit the convenience and trust in scanning a QR code to access services quickly and seamlessly.
How do they do it?
Scammers create fake QR codes that mimic those legitimately used by EV charging stations. These counterfeit codes are then placed over the original ones at the charging stations or are displayed on a screen, in an email, or through a fake website designed to look like it’s associated with the charging service.
An unsuspecting EV owner arrives at the charging station and, seeking to initiate a charging session, scans the QR code with their smartphone. Instead of leading to the legitimate service, the scanned QR code redirects the user to a fraudulent website or prompts the download of a malicious app. This site or app is designed to closely resemble the real service provider’s interface, making it difficult for users to immediately recognize the deception.
The catch
The fraudulent website or app asks the user to enter personal and payment information under the guise of initiating the charging session or making a payment. This information can include names, addresses, credit card details, or even login credentials for the legitimate charging service.
Red flags to watch out for
Check for tampering signs at the charging station, such as stickers placed over the original QR code.
How to verify the authenticity
Whenever possible, use the charging station’s official app to initiate sessions and payments, rather than relying on QR codes. Use RFID tags instead of QR codes whenever possible. You can order one for free through the easyCharging app.
Be cautious if a scanned QR code leads to a webpage asking for personal or financial information.
3. Fake charging stations scams
The scam involving fake charging stations can leverage digital misinformation but can also be much more sophisticated where scammers set up physical charging stations that are non-functional.
How do they do it?
Scammers create listings for charging stations that do not exist on popular navigation apps or EV-specific apps used by drivers to locate nearby charging options. These listings might include false details about the location, availability, and pricing of the charging service.
Scammers develop websites or mobile apps that mimic legitimate charging networks. These platforms may offer attractive charging rates or exclusive access to charging stations, requiring users to register and provide payment information upfront.
In more elaborate schemes, scammers might set up physical charging stations that appear real but are non-functional. These stations could be equipped to collect payment information directly or prompt users to pay via a linked website or app.
The catch
When EV owners attempt to use the services advertised by the fake charging stations, they are often required to input personal and payment information, supposedly to initiate the charging process or reserve a charging slot. Scammers can use the collected payment information for unauthorised transactions, charging the victims for services that are never rendered.
Red flags to watch out for
Charging stations located in odd or secluded areas where you wouldn’t typically expect to find such infrastructure could be suspicious. Be cautious if the station lacks information on pricing, charging speed, or contact details for customer support.
How to verify the authenticity
Use multiple sources to confirm the existence and legitimacy of a charging station. If the charging station doesn’t appear on official maps or apps provided by reputable charging networks but is listed on third-party apps or websites, it warrants further verification.
Be wary of any charging station that requires payment information before it allows you to charge.
4. Phishing scams
Scammers can exploit our increasing reliance on digital platforms for accessing and paying for EV charging services with sophisticated phishing messages.
How do they do it?
Scammers begin by crafting emails, text messages, or social media messages that appear to be from legitimate sources, such as well-known EV charging network providers or manufacturers. The message often contains a sense of urgency or offers an incentive. For example, it might claim that your charging account has been suspended due to suspicious activity, or offer a limited-time discount on charging services.
The catch
The message includes a call to action, such as clicking on a link to verify your account details, update payment information, or claim an offer. The link in the phishing message redirects the victim to a website that closely resembles the interface of the legitimate service provider.
The fake website prompts victims to enter sensitive information, such as login credentials, credit card details, or personal identification numbers. The design and requests appear legitimate, making it difficult for users to recognize the scam.
Red flags to watch out for
Typical signs of a phishing attempt are spelling mistakes, generic greetings, misspelt or altered URLs or discrepancies in the email addresses.
How to verify the authenticity
Access the service provider’s official website or app by typing the URL directly into your browser or using a bookmark.
Verify the authenticity of a message by contacting the charging network or service provider directly through official channels.
5. App cloning and malware scams
Designed to deceive EV owners into downloading and using fraudulent applications that mimic legitimate EV charging apps.
How do they do it?
Scammers create copies (clones) of popular EV charging apps. These cloned apps are designed to look and feel like the real ones, with similar logos, user interfaces, and functionalities.
The cloned apps are embedded with malicious code or malware. While they may provide some basic functionalities to appear legitimate, their primary purpose is to carry out malicious activities without the user’s knowledge.
These cloned apps are often distributed through third-party app stores or download links shared via email, social media, or phishing websites.
The catch
Once installed, the app can request permissions that allow it access to sensitive information, such as contact lists, email accounts, and even payment information stored on the device.
Some cloned apps may further compromise the device’s security by installing additional malware, which could monitor the user’s activities, capture keystrokes (keylogging), or access other personal apps and accounts.
Red flags to watch out for
Having to download an app from a link rather than from Google’s Play Store or Apple’s App Store. Be wary of apps that request excessive permissions that are not relevant to their functionality.
How to verify the authenticity
Cloned apps are very rarely found on reputable app stores like Google Play or Apple’s App Store, which have strict app review processes. Always download apps directly from the Google Play Store, Apple App Store, or the official website of the EV charging service.
Before downloading, read through the app’s reviews and ratings on the official app store.
How to protect yourself from being scammed
Verify Before Subscribing
Research any subscription service thoroughly before signing up. Check for reviews and confirm the legitimacy through official channels.
Scan QR Codes with Caution
Use your mobile device’s camera or a trusted QR code scanner app that can check for malicious links.
Verify Charging Station and Network
Use reputable apps and websites to find charging stations. Check reviews and ratings of the charging network.
Double check Rates Before Charging
Always check the charging rate displayed at the station before starting a session. If the rate isn’t displayed or seems unclear, consider using another station.
Monitor Transaction Details
Keep an eye on the charging rates before, during, and after the session. Report any discrepancies to the service provider.
Use Secure Payment Methods
Prefer contactless payments or secure payment methods that offer fraud protection. Avoid using debit cards directly if possible. Legitimate charging stations typically accept credit cards or payments through official apps. If a station asks for payment through unusual methods (like cryptocurrency, gift cards, or wire transfers), it’s a red flag.
Download Apps from Official Sources
Only download charging network apps from trusted app stores, and ensure you’re using the official version.
Examine App Permissions
Be wary of apps that request excessive permissions that are not relevant to their functionality. Legitimate EV charging apps should not need access to sensitive information unrelated to charging services.
Be Wary of Unsolicited Offers
Treat unsolicited emails or messages with scepticism, especially if they ask for personal information or immediate payment.
Educate Yourself on Phishing Tactics
Be sceptical of unsolicited communications. Verify the authenticity of any requests by contacting the service provider directly through their official contact methods.
Use Multi-Factor Authentication (MFA)
Enable MFA on accounts where available. This adds an additional layer of security, making it harder for scammers to gain unauthorised access even if they have your credentials.
Check for Misspellings and Typos
Scammers often rely on slight misspellings or typos in domain names to create URLs that appear similar to legitimate ones. For instance, “amaz0n.com” instead of “amazon.com”. Scammers might add extra words or letters, and use hyphens or shorten the URL.
Keep Apps Updated
Ensure that your smartphone’s operating system and security software are up-to-date to protect against malware.
Official Sources
Always use official websites or apps for subscriptions. Avoid clicking on links from unsolicited emails or social media ads.
Report Suspicious Activity
Protect other EV drivers by reporting any suspicious charging points to the network operator and relevant consumer protection agencies.
Staying informed about these scams and adopting a cautious approach when interacting with new or unfamiliar charging services can significantly reduce the risk of falling victim to these fraudulent activities. As the EV market grows, scammers will continue to evolve their methods, making continuous education and vigilance essential for all EV owners.
To safeguard against these scams, it’s advisable to use charging stations operated by well-known and reputable providers, verify station locations via official apps or websites, and be cautious of unsolicited offers or requests for personal information. Always scrutinise the URL of any charging service website for authenticity and avoid downloading mobile apps from unofficial sources.