Researchers spot pharmaceutical spam campaign using QR Codes

Spammers are no strangers to new technologies, and as true marketers, would do everything to achieve the objectives of their marketing campaign.

Security researchers from WebSense, have detected a spam campaign using QR codes. Scanning the QR code with a QR reader will load the pharmaceutical spam URL in the browser.

More details:

The spam email messages look like traditional pharmaceutical spam emails (image 1) and contain a link to the Web site 2tag.nl. This is a legitimate Web service that allows users to create QR codes for URLs. Once the 2tag.nl URL from the mail message is loaded in the browser, a QR code is displayed, along with the full URL that the QR code resolves to on the right (image 2). When the QR code is read by a QR reader, it automatically loads the spam URL(or asks before loading, depending on which flavor of QR reader you have installed) (images 3 and 4).

This isn't the first time that cybercriminals use QR codes to spread scams and malicious content. In September, 2011, security researchers from Kaspersky Lab discovered a malware campaign relying on QR codes for spreading of mobile malware.