QR Codes Connect to Spam

Wednesday, January 11, 2012 @ 12:01 PM gHale


As mobile technology sees greater usage in the work environment, it is becoming clear that is an easy attack vector.

In the evolution of traditional spammers now targeting mobile technology, the Websense ThreatSeeker Network started spotting spam messages that lead to URLs that use embedded quick response (QR) codes.

RELATED STORIES
Scareware Meets Smartphones
Smartphone Users: Malicious Apps Abound
Data Treasure on Old Smartphones
Targeted Attacks on Rise

The spam email messages look like traditional pharmaceutical spam emails and contain a link to the Web site 2tag.nl. This is a legitimate Web service that allows users to create QR codes for URLs.

Once the 2tag.nl URL from the mail message loads in the browser, a QR code displays, along with the full URL the QR code resolves to on the right.

When the QR code is read by a QR reader, it automatically loads the spam URL (or asks before loading, depending on which QR reader the user has installed).

“We’ve been looking at QR codes as a potential malware/spam route for a while now,” said Elad Sharf, security researcher at Websense Security Labs. “Inherent in the design is a level of trust and novelty that can be abused. In many ways it was just a matter of time before we saw spam messages point to URLs that use embedded QR codes. This is a clear movement and evolution of traditional spammers toward targeting mobile technology.”

One of the predictions for this year from security experts across the industry for security attack vectors included an increase in attacks directed toward mobile devices. One week into the new year that prediction is abundantly clear.



Leave a Reply

You must be logged in to post a comment.