[justsaysmthng]

Not absurd at all. The malware infects the PC and does its bad thing. After it's finished doing the bad stuff, it creates a full screen window which looks just like a BSOD screen with the QR code containing the attacker's URL.

User scans the QR code and navigates to that URL. Now he thinks he's on microsoft.com and will readily hand over his Microsoft credentials.

When you have Bitcoin, bank accounts, credit cards, etc as potential rewards, bad guys can (and do) get quite creative..