Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Sextortion Email Variant: With QR Code InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Sextortion Email Variant: With QR Code

Published: 2019-02-25
Last Updated: 2019-02-25 21:34:57 UTC
by Didier Stevens (Version: 1)
1 comment(s)

Reader Robert submitted a sextortion email with a twist: it contains a QR code:

In case you're wondering: I covered the QR code with a cross. I don't want you to pay ransom by accident.

All the text in this email is a picture, except for the Bitcoin address. Hence this SPAM variant might be harder to detect by anti-SPAM engines.

The QR code decodes to:

bitcoin:1F3PqNUSQtv3znDduVgmk4Vq6pf8BFKo62?amount=0.16012

 

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

Keywords: QRcode sextortion
1 comment(s)
Diary Archives