Malicious URLs identified in QR code phishing emails

Malicious URLs can now be found embedded in QR codes, so you will need to be extra vigilant when scanning any QR codes or clicking on spam emails. It’s not unusual that we are hearing about the rise of this type of URL/QR code threat vector. I’ve been researching about this type of threat for some time and included some examples in my writings over at Hakin9.

So how does this attack work? The attack vector is simple – use a traditional message – say drugs and send a spam email containing a link to a TAG website. In this instance, the TAG website is legitimate, which allows anyone to create QR codes with URLs. The malicious short TAG URL from the spam message will be loaded into the browser whereby a QR code will be displayed along with the full URL string. QR codes are read by QR readers (there are many across multiple mobile platforms) which then automatically load the malicious URL. It’s that simple.

This type of QR code threat uses an inherent flaw in human psychology – our desire to find out where/what the link takes us/is. In security circles we call this ‘social engineering’. Spam messages directing victims to short URLs that use embedded QR codes is the start of a new shift to focus cybercrime efforts on the ever growing popularity of the mobile platform. Virtualization is a must here!

Outside of the QR code and NFC ad/payment platform threat, rogue coupon malware apps will also continue to grow in popularity among the malware writing community especially given the tough economic months ahead. Stay vigilant folks!

Safe surfing folks!


This entry was posted in android, apple, blackberry, google, mobile, windows and tagged . Bookmark the permalink.

One Response to Malicious URLs identified in QR code phishing emails

  1. Hi there Dear, are you actually visiting this
    website on a regular basis, if so after that you
    will definitely take pleasant know-how.

Leave a Reply

Your email address will not be published. Required fields are marked *