Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    • Blog
      • /
    • Phishing
      • /
    • Threat Actors Abuse Microsoft Sway to Launch QR Code Phishing Attacks

    Threat Actors Abuse Microsoft Sway to Launch QR Code Phishing Attacks

    Stu Sjouwerman | Aug 30, 2024

    QRコード画像Researchers at Netskope last month observed a 2000-fold increase in traffic to phishing pages delivered through Microsoft Sway.

    The phishing attacks are targeting organizations in the technology, manufacturing, and finance sectors in Asia and North America.

    Most of these attacks involved QR code phishing (quishing) to trick victims into visiting the malicious sites.

    “Attackers instruct their victims to use their mobile devices to scan the QR code in hopes that these mobile devices lack the stringent security measures typically found on corporate issued ones, ensuring unrestricted access to the phishing site,” Netskope explains.

    “Additionally, these QR phishing campaigns employ two techniques from previous posts: the use of transparent phishing and Cloudflare Turnstile. Transparent phishing ensures victims access the exact content of the legitimate login page and can allow them to bypass additional security measures like multi-factor authentication. Meanwhile, Cloudflare Turnstile was used to hide the phishing payload from static content scanners, preserving the good reputation of its domain.”

    Notably, the threat actors abused Sway, a free Microsoft 365 presentation app, to evade security technologies.

    “By using legitimate cloud applications, attackers provide credibility to victims, helping them to trust the content it serves,” the researchers write. “Additionally, a victim uses their Microsoft 365 account that they’re already logged-into when they open a Sway page, that can help persuade them about its legitimacy as well.

    Sway can also be shared through either a link (URL link or visual link) or embedded on a website using an iframe. Over the past six months, Netskope Threat Labs observed little to no malicious traffic using Microsoft Sway. However, in July 2024, we observed a 2,000-fold increase in traffic to unique Microsoft Sway phishing pages. The pages we investigated were targeting Microsoft 365 accounts.”

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    Netskope has the story.

    Topics: Phishing Security Culture

    Is Your Organization Vulnerable to Quishing?

    Traditional filters often miss malicious links hidden in QR codes. Launch our Free Quishing Test for up to 100 users to identify security gaps and receive your custom Phish-prone Percentage report within 24 hours.

    Get Your Free Quishing Test

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the Founder and Executive Chairman of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog

    Posts By Topic

    View All