Researchers have revealed a new type of spam campaign that appears to be a test run to find out how mobile users will respond to social engineering attempts on their smart phones and tablets.
The spam emails had hawked male enhancement drugs but were different in that they contained a link to a legitimate site -- 2tag.nl -- that generated quick response (QR) codes for URLs.
The link leads to an already-created QR code, which can be scanned by a mobile reader application.
After the code is recognised, a URL is loaded that advertised the counterfeit goods, including Viagra and Cialis.
"This is a clear movement and evolution of traditional spammers toward targeting mobile technology," Websense Security Labs researcher Elad Sharf said.
It was the first time Websense senior manager of security research Patrik Runald and his team had seen QR codes used in spam.
He said that the culprits may be trying out this tactic to see how people respond, with the goal of eventually evolving it to foist malware.