Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev

Researchers spot pharmaceutical spam campaign using QR Codes

By Dancho Danchev | January 10, 2012, 2:39pm PST

Summary: Security researchers from WebSense, have detected a spam campaign using QR codes.

Spammers are no strangers to new technologies, and as true marketers, would do everything to achieve the objectives of their marketing campaign.

Security researchers from WebSense, have detected a spam campaign using QR codes. Scanning the QR code with a QR reader will load the pharmaceutical spam URL in the browser.

More details:

The spam email messages look like traditional pharmaceutical spam emails (image 1) and contain a link to the Web site 2tag.nl. This is a legitimate Web service that allows users to create QR codes for URLs. Once the 2tag.nl URL from the mail message is loaded in the browser, a QR code is displayed, along with the full URL that the QR code resolves to on the right (image 2). When the QR code is read by a QR reader, it automatically loads the spam URL(or asks before loading, depending on which flavor of QR reader you have installed) (images 3 and 4).

This isn’t the first time that cybercriminals use QR codes to spread scams and malicious content. In September, 2011, security researchers from Kaspersky Lab discovered a malware campaign relying on QR codes for spreading of mobile malware.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Adobe plugs critical Reader X security holes

Ten little things to secure your online presence

Topics

Researcher, Pharmaceutical Company, Websense Inc., Pharmaceuticals, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.