Mobile Malware via a FAX

This is a new school twist to an old school scam, fax machine spam.  Miscreants would send out bogus faxes with scam numbers many times just trying to hawk “dealz” or, in some cases try to phish info from the caller.  But, for the most part fax machine spam has subsided (i think, i have no real data, just a hunch).

A friend, who wishes to remain anonymous, said that several of these faxes appeared at her office over the last two days.  She forwarded me a scan of one to review.

You can see that this is all sorts of wrong, even the QR codes look like they were psychically  pasted (after the fact) on this fax.  What was interesting is that the QR code leads to a site that wants you to download an app (link for both Andoird and Apple devices) to install on your phone.  I’ve redacted the QR codes and numbers to protect the innocent (and inept).

Looking into it further these are bogus premium rate SMS apps that send text messages to numbers the scammers control, then you get charged for premium SMS messages and they make cash.  Be warned, don’t just scan QR codes everywhere.  I wonder how many people at my friends company used their neato smart phone to follow those codes and installed those apps?  Maybe it’s not a bad idea to protect your main corporate fax number a bit, too.