Hackers are currently mailing fraudulent QR codes — and they have the ability to capture your passwords.

Uncategorized Mihnea


We’ve previously warned you about the risks associated with [QR code scams](https://mashable.com/article/beware-qr-code-scams), but there’s now an added dimension to consider—one that might land in your physical mailbox.

Switzerland’s National Cyber Security Centre (NCSC) has [issued an alert](https://www.theregister.com/2024/11/16/swiss_malware_qr/) regarding a new scam that utilizes the postal system to distribute malware. In this scheme, a tangible letter is dispatched to potential victims, encouraging them to download an app through a QR code featured on the letter.

However, the app connected to the QR code is, in reality, malware masquerading as a legitimate application, created to extract data from the user’s device.

### A New Type of QR Code Scam

The fraudsters behind this initiative are impersonating Switzerland’s Federal Office of Meteorology and Climatology, even going to the extent of replicating official government seals on the mailed letters. The correspondence instructs recipients to scan the QR code to download a “Severe Weather Warning App” for Android devices.

Yet rather than leading users to the genuine Google Play Store, the QR code directs them to a third-party site. There, they are urged to download an app named “AlertSwiss.”

As [noted by The Register](https://www.theregister.com/2024/11/16/swiss_malware_qr/), there are clear indicators that this app is a scam. While there exists a legitimate government app with a similar title, it is called “Alertswiss” (with a lowercase “s”). Moreover, although the counterfeit app attempts to imitate the official app’s logo, it fails to match it completely.

Once downloaded, the counterfeit app installs a variant of the Coper trojan malware on the user’s device. This malware can track the user’s activities, stealing passwords, messages, notifications, and other sensitive information. It can also present phishing pages on the infected device, further jeopardizing security.

According to the NCSC, this is the first instance they have seen malware spread in this way via physical mail.

In contrast to email-based scams, sending physical mail comes with a cost, indicating that this strategy appears to be effective for the scammers.

If cybercriminals haven’t already set their sights on replicating this approach outside of Switzerland, this alert serves as an important reminder to remain cautious. Be vigilant for QR code scams that may soon land in your physical mailbox.