Share
SMS & SMISHING

RingGo parking payment text scam: is that "unpaid session" real?

A text saying your RingGo parking session was not paid, or that you owe a parking charge, is one of the fastest-spreading smishing scams hitting UK drivers in 2026. RingGo has publicly warned about the wave, and councils from Warwickshire to Inverness have flagged the same fake messages and QR codes.

SafeBrowz Threat Research Security ResearchJuly 16, 20268 min read

Is the RingGo unpaid parking text real?

Verdict: no, it is a scam. If you get a text claiming your RingGo parking session was not paid, that you owe an outstanding parking fee, or that a parking charge notice is due, and it pushes you to pay through a link, it is phishing. RingGo does send parking reminders, but it never asks for a fee or your card details through a text link. The link opens a page dressed up to look like ringgo.co.uk that harvests your card number and personal details. Do not tap the link and do not reply. Check any real parking session only by opening the official RingGo app or typing ringgo.co.uk into your browser yourself.

Why you are getting this text now

RingGo runs cashless parking in more than 500 UK towns and cities, so on any day millions of people genuinely have a live parking session or a card on file. Scammers blast the same "unpaid session" and "parking charge" texts to numbers pulled from breach lists, then wait for the small share of people who parked recently and half-expect a message. RingGo, Parkingeye, and several councils have all issued fresh warnings about the surge. The volume is exactly why so many drivers are searching whether their RingGo text is genuine.

What the scam looks like

The message arrives looking ordinary. A short parking note, sometimes a fake reference number, and a link. It claims your session was not paid, that a small charge is outstanding, or that a parking charge notice will escalate if you do not settle it. The threat of extra fees or "administrative restrictions" is the trap. It exists to make you tap before you think.

The link leads to a page built to look like the real RingGo site. First it may ask you to confirm your name, vehicle registration, and address, which feels harmless and builds trust. Then it asks for card details to clear the "outstanding" amount. The few pounds is not the point. The card number, expiry, CVV, and billing address you type into that form are the point. Within hours the card is tested with small charges and then used for larger fraud. Some versions skip payment and instead ask you to reply with a single letter like "Y", or to copy the link into Safari or Chrome to "activate" it. RingGo has confirmed it will never ask you to do any of that.

The unpaid-session text

"RingGo: Your recent parking session was not paid. Settle the outstanding balance to avoid a penalty: [link]"

"RingGo: You have an unpaid parking session. Pay now to prevent a charge being issued: [link]"

The fake parking charge notice (PCN)

A second flavour poses as a Parking Charge Notice, sometimes borrowing the Parkingeye name. "PCN reminder: your parking charge is unpaid. Additional fees apply if not settled within 48 hours: [link]". It leans harder on the threat of escalation, but the destination is the same card-harvest page.

The fake RingGo addresses to watch for

The real site is ringgo.co.uk, and its account portal is myringgo.co.uk. Scam links put the RingGo name on a domain RingGo does not own, often with random letters bolted on or an unusual ending. RingGo's own guidance shows the pattern: a link that starts with "ringgo" but carries extra characters before a strange top-level ending. Because these throwaway domains rotate almost daily, treat every one of the following styles as illustrative rather than a fixed list:

  • ringgo-parking-pay[.]cfd
  • ringgo-session-uk[.]top
  • pay-ringgo[.]random-string[.]cloud
  • ringgo-pcn[.]ink

The tell is always the same: the RingGo name sitting on a domain that is not ringgo.co.uk or myringgo.co.uk. Look at the part right before the first single slash. If it does not end in ringgo.co.uk, do not trust it, whatever words come before.

How RingGo and real parking charges actually work

The goal is to tell the genuine messages apart from the fakes, so here is what really happens.

  • Reminders, never card requests. RingGo texts you to say a session is ending or to nudge you to extend it. It does not ask for a fee, a card number, or a password through a text link.
  • One official domain, one branded sender. Genuine RingGo emails only ever come from an address ending in @ringgo.co.uk, never a Gmail or Yahoo address. Fake links do not point to ringgo.co.uk.
  • Real PCNs do not arrive as a payment text. A genuine Parking Charge Notice is stuck to your windscreen at the time or posted to the registered keeper's address. On private land the operator gets your name and address from the DVLA, but the DVLA does not hand over your mobile number, so a "PCN" demanding immediate online card payment by text is a red flag on its own.
  • Verify at the source. If you think you might actually owe something, open the official RingGo app or type ringgo.co.uk yourself. For a council PCN, use the phone number or website printed on the signage or on the paper notice, never a link from a text.
🛡 LIVE CHECK

Test a suspicious link right now

Got a RingGo or parking-charge text you are not sure about? Paste the link here before you tap it. Our 3-layer engine (Local + APIs + AI) returns a verdict in about 3 seconds. Free, no signup.

Full scan with deep AI analysis → · No URL is logged to your identity.

Catch the fake RingGo page before you type your card in

SafeBrowz runs a 3-layer detection architecture: Local + APIs + AI.

  • Layer 1 - Local detection: 60+ URL patterns plus 550+ brand-specific signatures run inside the extension before the page renders. When "ringgo" appears on a domain RingGo does not own, the lookalike-domain check flags it. A page on ringgo-parking-pay[.]cfd carrying the RingGo name is exactly the brand-on-non-official-domain signal this layer is built to catch, instantly, without any per-user browsing data.
  • Layer 2 - API checks: cross-references Google Safe Browsing, PhishTank, URLhaus, and known-bad domain feeds, plus a watchlist of the cheap and unusual TLDs (.cfd, .top, .ink, .cloud and similar) that these throwaway parking pages favour.
  • Layer 3 - AI content analysis (Premium): through our proxy, the page text is read for impersonation and card-harvest patterns, so a brand-new RingGo lookalike on a domain nobody has reported yet still gets caught.

Honest scope: SafeBrowz flags the fake RingGo page before you type your card number into it. It cannot claw back details you have already submitted, which is why the recovery steps below still matter. Detection signatures come from threat-intelligence research and our internal brand database, not from user browsing data. SafeBrowz does not store per-user browsing history.

Red flags checklist

  • It asks for payment or card details. RingGo does not collect a fee, a card number, or a password through a text link. Any "settle your session to avoid a penalty" message is fake.
  • The link is not ringgo.co.uk. A lookalike such as ringgo-session-uk[.]top, extra letters before a strange ending, or a shortened URL that hides the destination, is the giveaway.
  • It wants you to reply "Y" or copy the link into a browser. RingGo has confirmed it never asks you to reply with a single letter or paste a link into Safari or Chrome to activate it.
  • A "PCN" arrives by text. Genuine parking charge notices come on the windscreen or by post, not as an SMS demanding instant online card payment.
  • Pressure and a deadline. "Additional fees within 48 hours" exists to rush you. Real parking disputes give you time and a proper appeals route.
  • The sender. An out-of-country number, or an email that is not from @ringgo.co.uk even if the display name says RingGo, is a strong scam signal.

What to do if you got one

  1. Do not tap the link and do not reply. Treat the whole message as untrusted until you confirm it yourself in the RingGo app or at ringgo.co.uk.
  2. Report the scam text. Forward it free to 7726, the UK spam-report shortcode. Your mobile network uses these reports to block the sender.
  3. Report the fraud. Tell Action Fraud at actionfraud.police.uk or by phone on 0300 123 2040 (in Scotland, report to Police Scotland on 101).
  4. If you entered your card, lock the card in your bank app, call your bank's fraud line, and order a replacement. Watch for small test charges over the next day.
  5. If you entered your RingGo password, change it right away, and change it anywhere you reused it, then turn on two-factor authentication.
  6. Delete and block. Once reported, delete the message and block the sender.

Why parking apps are such a common target

The same template runs against toll operators, delivery firms, the DVLA, and council fines. Only the brand and the domain change. The mechanic, a small "outstanding" charge or a fake notice in front of a card-capture form, is interchangeable. RingGo shares its DNA with UK fee-bait smishing like the DVLA vehicle tax scam and toll-style bait such as the unpaid toll text scam and the wider toll and traffic fine text scam. It works the same way as the traffic ticket text scam and the Evri redelivery fee text scam. If you want the underlying method, our guide on how a phone text scam works walks through it.

Frequently asked questions

Is this RingGo parking text genuine?

If it asks you to pay a fee, settle an unpaid session through a link, reply with a single letter, or hand over card details, it is not genuine. RingGo sends parking reminders, but it never charges a fee or collects card details through a text link, and genuine RingGo emails only come from an address ending in @ringgo.co.uk. When in doubt, ignore the message and check your parking only in the official RingGo app or at ringgo.co.uk.

Does RingGo ever text you to pay an unpaid parking session?

No. RingGo texts you reminders that a live session is ending, but it does not send a text demanding payment for an "unpaid session" through a link. Any message pushing you to a payment page to clear a small outstanding balance is a scam, no matter how small the amount.

Can a real parking charge notice arrive by text?

A genuine Parking Charge Notice is either fixed to your windscreen at the time or posted to the registered keeper's address. On private land the operator gets your name and address from the DVLA, but not your mobile number, so a PCN that lands as a text demanding immediate online card payment is a red flag on its own. Verify any real charge using the details on the paper notice or the car park signage, never a link from a text.

The link looks almost like the RingGo site. Is it safe?

Look at the part right before the first single slash. The real site ends in ringgo.co.uk (or myringgo.co.uk for your account). Scam links add extra letters or use a different ending, such as a .cfd, .top, .ink, or .cloud domain that RingGo does not own, or hide everything behind a shortener. The RingGo name on an unfamiliar domain is the tell. When in doubt, do not tap it, and paste it into the checker on this page first.

I entered my card on a fake RingGo page. What now?

The few pounds is not the real loss. The scammer now has your card details and will try larger fraud. Lock the card in your bank app right away, call your bank's fraud line, order a replacement card, and watch for tiny test charges over the next day. If you also typed your RingGo password, change it and anywhere you reused it. Report the loss to Action Fraud on 0300 123 2040.

Where do I report a fake RingGo text in the UK?

Forward the scam text free to 7726, the UK spam-report shortcode. Report the fraud to Action Fraud at actionfraud.police.uk or on 0300 123 2040 (in Scotland, Police Scotland on 101). Then delete the message and block the sender.

Bottom line: The RingGo "unpaid parking session" and "parking charge" text is the UK cousin of the DVLA and toll-fine scams. Same trick, different logo. RingGo sends reminders, but it never charges a fee or asks for card details by text, and a real PCN never arrives as a payment SMS. Never tap the link. Verify in the app or at ringgo.co.uk yourself, and put SafeBrowz on your browser so the fake RingGo page never loads in the first place.

Install SafeBrowz free

Add the browser extension, or the SafeBrowz Android app, that runs every check in this article automatically, on every page, before it renders. Free forever.

Chrome Add to Chrome Firefox Add to Firefox Edge Add to Edge Google Play Get on Android

Related reading