Spam Messages Connect with QR Codes

The ThreatSeeker Network of Websense recently spotted one spam campaign, which relies on QR Codes described as a barcode's 2D variant. The company, which used a QR Reader to scrutinize the QR Code, found that the scanning resulted in a pharma-oriented spam URL inside its web-browser.

Apparently, this spam doesn't utilize QR Codes straight away, while its messages seem as conventional pharma-based spam mails that connect with 2tag.nl, the website serving a URL-condensing service as well as making QR Codes for URLs that have been condensed. Interestingly, if the condensed web-address is hyphenated, it causes the end-user to stay on 2tag.nl as also view the QR Code.

Moreover, while 2tag.nl seems like a lawful site, there hasn't been an updating of its blog or its accounts on social networks ever-since past spring.

In the meantime, if the spam's recipient loads the 2tag.nl website from the junk e-mail onto his web-browser, he'd find a QR Code exhibited on his screen alongside the entire URL for which the Code finds a solution.

And as a QR Reader proceeds reading the QR Code, there occurs a mechanical download of the spam website alternatively verification prior to the downloading.

Nevertheless, the attacked website can be seen open on the identical web-page. According to the security investigators, it's fully evident that the websites include pharma-oriented spam. But, everybody mayn't notice this, while curious end-users could become lured towards scrutinizing the QR Code appearing before them.

Security Researcher Elad Sharf of Websense Security Labs says that his company has been recognizing QR Codes to be one potential spam/malware channel since sometime now. There's an inbuilt level of uniqueness and faith within the design capable of exploitation. Often, it was merely with time that spam mails were seen leading onto URLs, which implanted QR codes. Clearly it's an evolution and movement by conventional spammers seeking to attack mobile technology, Sharf explains. HELP NET SECURITY published this on January 10, 2012.

Conclusively, in a similar case, security investigators at Kaspersky Labs, during September 2011, detected one malware scam that used QR Codes towards the dissemination of mobile software, malicious in nature.

Related article: Spam Scam Bags a Scottish Connection

» SPAMfighter News - 1/19/2012