Clickbaity or genius? 'BF cheated on you' QR codes pop up across UK

"If your name is Emily and your boyfriend went out last night HE CHEATED. Heres [sic] the video for proof," states a poster seen in Manchester, England this week.

My name isn't Emily, but anyone who comes across such a poster would stop by to take a closer look—it piques curiosity, breeds insecurity, and sparks controversy.

And the blatant QR code underneath staring at your face makes you think for a second what all could it reveal...

'Your Boyfriend... cheated' shock posters pop up across UK

After completing a quick grocery trip at my local Morrison's this Thursday, as I was exiting the shop, I was taken aback by this convincing A4-sized sheet of paper, likely printed by a college student and clumsily taped to a, what appears to be some kind of a locker.

In fact, another young person who seemed like a college student (blame it on the backpack) stopped by, right before me. She took a second to get her smartphone ready and snapped a picture of the poster. I did not dare to ask if her name was Emily.

As for the URL this QR code leads to? Not the video clip you were expecting...

http://www.prograd.uk/find-your-side-hustle?utm_source=In+Person&utm_medium=Posters&utm_campaign=poster+6

It leads to Prograd, a UK-based "side hustle comparison" app geared towards college students and youngsters.

Notice the "UTM" tracking codes in the URL too. These parameters are often relied upon by analytics and marketing platforms to track how well a campaign is performing, and through what mediums.

Clickbaity or genius?

Promotional campaigns like these fall under "shockvertising" and guerllia marketing tactics that deliberately use unconventional slogans and images to capture attention, sometimes in ways that could be considered insincere, controversial or outright distressing by some.

Prograd knows its target audience well, and these posters do everything to get to the psyche of that demographic in one of the most convincing and effective ways.

Granted, the adrenaline rush, exhilitation, and anxiety sparked by the posters is quickly quashed as soon as one scans the QR code, and followed by a feeling of disappointment as one realizes it's nothing more than a prank.

BleepingComputer reached out to Prograd with several questions, including what is the scale of this campaign, who is behind this marketing campaign and if the company has seen great traction with employing such tactics.

Prograd, which describes itself as "UK's #1 side hustle comparison website" told us that they rolled out the campaign this Tuesday, September 17th.

"Prograd is all about helping young people find opportunities to save and make money," a Prograd spokesperson told BleepingComputer via email.

"We passionately believe that it's important to level the playing field when it comes to financial literacy, a topic that isn't taught enough in UK schools."

"As students are heading to Uni this month, our posters were designed to catch the attention of, and engage more young people - inspiring them to start their financial journey."

The service, which has recently expanded to the US, tells us that the clever marketing campaign was crafted "in house" and is running UK-wide across major cities.

"We've already seen amazing engagement with our posters, and are hoping this encourages more people to maximise their earnings as they head into a new term!"

"As mentioned we only started on Tuesday, but we are seeing high clicks and sign ups."

Scanning QR codes seen in public can be risky

Although this campaign is a harmless, playful prank, it's still a form of social engineering, from a security perspective.

Readers should exercise caution when scanning QR codes in public spaces and carefully inspect the links as these could very well be taking you to malicious websites and apps.

While a highly versatile technology with various use cases, QR codes can be and have been abused time and time again by threat actors to, for example, push scams and con people for money all around the world.

Last year, a Singapore-based woman lost $20,000 after scanning a QR code to fill out a "survey" at a bubble tea shop.

Cases of fake car parking citations with QR codes targeting motorists have also become rampant in the US and the UK in the last few years.

Most recently, a scam identifed by London-based internet services firm Netcraft saw "up to 10,000 potential victims" visiting phishing websites pushed by such 2D barcodes in a period of a little over two months.