
Microsoft Sway Used to Launch QR Code Phishing Attacks

Yeo & Yeo Technology


Netskope Threat Labs has reported a significant increase in phishing attacks using Microsoft Sway, a free presentation tool within Microsoft 365. In July 2024, they observed a 2,000-fold rise in traffic to phishing pages delivered through this platform.

Key Findings

  • Quishing Attacks: Many of these phishing campaigns employed “Quishing,” a technique that uses QR codes to direct users to malicious websites. This method is particularly effective as it often bypasses email scanners and exploits users’ familiarity with QR codes.
  • Target and Scope: The attacks primarily targeted Microsoft Office credentials, affecting victims in Asia and North America across various sectors, with Technology, Manufacturing, and Finance being the most impacted.

Sophisticated Techniques:

  • Attackers used Cloudflare Turnstile to hide phishing content from static scanners.
  • Transparent phishing was employed to collect user credentials and potentially bypass multi-factor authentication.

Importance of Security Awareness Training

In light of these sophisticated phishing tactics, organizations must prioritize security awareness training for their employees. Regular training sessions can help staff:

  • Recognize suspicious QR codes and links.
  • Understand the risks of using personal devices for work-related tasks.
  • Practice proper URL verification before entering credentials.
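The URL verification in the last bullet can also be enforced in tooling. The sketch below is an added example, not code from the original post or from Netskope; the host lists are assumptions to adjust for your tenant, and the sample URLs are constructed.

```python
from urllib.parse import urlsplit

# Assumption: hosts where a Microsoft 365 sign-in form is expected.
# Adjust for your tenant (for example, a federated identity provider).
SIGN_IN_HOSTS = {"login.microsoftonline.com", "login.live.com"}
# Assumption: hosts serving user-created Sway content. Microsoft hosts the
# page, but anyone can author it, so it is never where credentials belong.
SWAY_HOSTS = {"sway.cloud.microsoft", "sway.office.com"}


def check_sign_in_url(url):
    """Return (ok, reason); ok is True only for an exact allowlisted host."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
        port = parts.port  # raises ValueError on a non-numeric port
    except ValueError:
        return False, "malformed URL"
    if parts.scheme.lower() != "https":
        return False, "not HTTPS"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo before '@' hides the real host"
    if port not in (None, 443):
        return False, "unexpected port"
    if not host:
        return False, "no host"
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "internationalized host, possible lookalike"
    if host in SWAY_HOSTS:
        return False, "user-created Sway content, not a sign-in page"
    if host not in SIGN_IN_HOSTS:  # exact match: no suffix or substring tests
        return False, "host is not an expected sign-in host"
    return True, "expected sign-in host"


# Constructed sample URLs (evil.example is a reserved placeholder domain).
SAMPLES = [
    "https://login.microsoftonline.com/common/oauth2/authorize",
    "https://login.microsoftonline.com.evil.example/common",
    "https://login.microsoftonline.com@evil.example/",
    "https://sway.cloud.microsoft/ConstructedId",
    "http://login.microsoftonline.com/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(check_sign_in_url(sample), sample)
```

Only the first sample passes. The others show why the check compares the parsed host exactly instead of looking for a familiar name somewhere in the URL.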

At YYTECH, we understand the evolving nature of cyber threats and the importance of a robust defense strategy. Contact us to learn how we can help your organization with security awareness training and other cybersecurity solutions.

Source: https://www.netskope.com/blog/phishing-in-style-microsoft-sway-abused-to-deliver-quishing-attacks
