Researchers have revealed a new type of spam campaign that appears to be a test run to find out how mobile users will respond to social engineering attempts on their smartphones and tablets.
According to a Tuesday blog post from security firm Websense, the emails look like typical spam trying to hawk male enhancement drugs. However, in this case, they contain a link to a legitimate site -- 2tag.nl -- that generates quick response (QR) codes for URLs.
The link leads to an already-created QR code, which can be scanned by a mobile reader application available in places like the Android Market. After the code is recognized, a URL is loaded that advertises the counterfeit goods, including Viagra and Cialis.
"This is a clear movement and evolution of traditional spammers toward targeting mobile technology," Elad Sharf, a Websense Security Labs researcher, wrote in the blog post.
Patrik Runald, senior manager of security research at Websense, told SCMagazine.com that this is the first time his team has seen QR codes being used in spam. He added that the culprits may be trying out this tactic to see how people respond, with the goal of eventually evolving it to foist malware.
This article originally appeared at scmagazineus.com
Copyright © SC Magazine, US edition
Issue: 335 | January/February 2015
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.