San Diago based Web security gateway software company Websense is reporting that spammers are targeting mobile technology with QR Codes. A typical pharmaceutical spam email messages has been found with a legitimate shortened link that leads to a webpage with a QR Code. The QR Code resolves to the spam URL. The intended sequence is as follows:
- Link URL in email http://2tag.nl/9OLTM0-
- Resolves to a legitimate webpage (image below)
- Scanning the QR Code which decodes as http://2tag.nl/9T7381
- Redirects to spam site http://goofy.medonline.ru (image below)
This seems like a very unlikely and convoluted way to dupe people into viewing the destination page with their mobile. Who is going to click on a link in an obvious spam email, then get out their mobile and scan a QR Code off their desktop where the highly suspicious destination URL is displayed alongside it?