Spam now using QR codes

Powered by SC Magazine
 

Targets mobile users.

Researchers have revealed a new type of spam campaign that appears to be a test run to find out how mobile users will respond to social engineering attempts on their smart phones and tablets.

The spam emails had hawked male enhancement drugs but were different in that they contained a link to a legitimate site -- 2tag.nl -- that generated quick response (QR) codes for URLs.

The link leads to an already-created QR code, which can be scanned by a mobile reader application.

After the code is recognised, a URL is loaded that advertised the counterfeit goods, including Viagra and Cialis.

"This is a clear movement and evolution of traditional spammers toward targeting mobile technology," Websense Security Labs researcher Elad Sharf said.

It was the first time Websense senior manager of security research Patrik Runald and his team had seen QR codes used in spam.

He said that the culprits may be trying out this tactic to see how people respond, with the goal of eventually evolving it to foist malware.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Spam now using QR codes
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  19%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1888

Vote
Do you support the abolition of the Office of the Information Commissioner?