Researchers spot pharmaceutical spam campaign using QR Codes

Summary:Security researchers from WebSense, have detected a spam campaign using QR codes.

Spammers are no strangers to new technologies, and as true marketers, would do everything to achieve the objectives of their marketing campaign.

Security researchers from WebSense, have detected a spam campaign using QR codes. Scanning the QR code with a QR reader will load the pharmaceutical spam URL in the browser.

More details:

The spam email messages look like traditional pharmaceutical spam emails (image 1) and contain a link to the Web site This is a legitimate Web service that allows users to create QR codes for URLs. Once the URL from the mail message is loaded in the browser, a QR code is displayed, along with the full URL that the QR code resolves to on the right (image 2). When the QR code is read by a QR reader, it automatically loads the spam URL(or asks before loading, depending on which flavor of QR reader you have installed) (images 3 and 4).

This isn't the first time that cybercriminals use QR codes to spread scams and malicious content. In September, 2011, security researchers from Kaspersky Lab discovered a malware campaign relying on QR codes for spreading of mobile malware.

Topics: Security, Enterprise Software


Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.