Spam now using QR codes

By

Targets mobile users.

Researchers have revealed a new type of spam campaign that appears to be a test run to find out how mobile users will respond to social engineering attempts on their smart phones and tablets.

Spam now using QR codes

The spam emails had hawked male enhancement drugs but were different in that they contained a link to a legitimate site -- 2tag.nl -- that generated quick response (QR) codes for URLs.

The link leads to an already-created QR code, which can be scanned by a mobile reader application.

After the code is recognised, a URL is loaded that advertised the counterfeit goods, including Viagra and Cialis.

"This is a clear movement and evolution of traditional spammers toward targeting mobile technology," Websense Security Labs researcher Elad Sharf said.

It was the first time Websense senior manager of security research Patrik Runald and his team had seen QR codes used in spam.

He said that the culprits may be trying out this tactic to see how people respond, with the goal of eventually evolving it to foist malware.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
phishingqrsecurityspamwebsense

Sponsored Whitepapers

What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape
Transform IT Service Delivery with Freshworks ITSM
Transform IT Service Delivery with Freshworks ITSM
Digital Transformation That Works in the Real World
Digital Transformation That Works in the Real World
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security

Events

Most Read Articles

Attackers weaponise Linux file names as malware vectors

Attackers weaponise Linux file names as malware vectors
"Widespread data theft" hits Salesforce customers via third party

"Widespread data theft" hits Salesforce customers via third party
Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study
Home Affairs adds SecOps to new cyber risk overhaul

Home Affairs adds SecOps to new cyber risk overhaul
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?