{"id":5040,"date":"2024-08-27T14:05:27","date_gmt":"2024-08-27T19:05:27","guid":{"rendered":"https:\/\/www.darkreading.com\/vulnerabilities-threats\/microsofts-sway-serves-as-launchpad-for-quishing-campaign"},"modified":"2024-08-27T14:05:27","modified_gmt":"2024-08-27T19:05:27","slug":"microsofts-sway-serves-as-launchpad-for-quishing-campaign","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/08\/27\/microsofts-sway-serves-as-launchpad-for-quishing-campaign\/","title":{"rendered":"Microsoft&#8217;s Sway Serves as Launchpad for &#8216;Quishing&#8217; Campaign"},"content":{"rendered":"<div class=\"media_block\"><a href=\"https:\/\/i0.wp.com\/eu-images.contentstack.com\/v3\/assets\/blt6d90778a997de1cd\/blt37bf8e9cb7c16835\/66ce1dd3cdb2217c1fad2230\/microsoftsway1800_SOPA_Images_Limited_alamy.jpg?ssl=1\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign.jpg?w=640&#038;ssl=1\" class=\"media_thumbnail\"><\/a><\/div>\n<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign.jpg?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Last month, researchers uncovered a &#8220;quishing&#8221; campaign targeting Microsoft Office credentials, incurring an abrupt 2,000-fold increase in traffic to unique Microsoft Sway phishing pages.&nbsp;<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Quishing refers to a form of phishing that uses QR codes to trick users into opening malicious pages, according to the researchers at Netskope Threat Labs.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">The campaign has targeted victims mainly in Asia and North America, across multiple industries such as technology, manufacturing, and finance.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&#8220;Attackers instruct their victims to use their mobile devices to scan the QR code in hopes that these mobile devices lack the stringent security measures typically found on corporate issued ones,&#8221; said the researchers <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.netskope.com\/blog\/phishing-in-style-microsoft-sway-abused-to-deliver-quishing-attacks\" rel=\"noopener\">in an article<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">. &#8220;These QR phishing campaigns employ two techniques from previous posts: the use of&nbsp;<\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.netskope.com\/blog\/phishing-with-cloudflare-workers-transparent-phishing-and-html-smuggling\" rel=\"noopener\">transparent phishing<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&nbsp;and&nbsp;<\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.netskope.com\/blog\/evasive-phishing-campaign-steals-cloud-credentials-using-cloudflare-r2-and-turnstile\" rel=\"noopener\">Cloudflare Turnstile<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">.&#8221;<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Sway is a free Microsoft 365 application that anyone with a Microsoft account can access. Attackers, however, take advantage of this open access, using the credibility of these legitimate cloud applications to deceive users. Not just this, but Sway is accessed once a victim is already logged into their Microsoft 365 account, adding an additional layer of legitimacy to persuade these users into opening malicious pages.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">The researchers advise that users check URLs and type them directly into the Web browser to avoid falling victim to such attacks. They also recommend that organizations review security policies to ensure they are protected against these kinds of scams.<\/span><\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/microsofts-sway-serves-as-launchpad-for-quishing-campaign\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Last month, researchers uncovered a &#8220;quishing&#8221; campaign targeting Microsoft Office<\/p>\n","protected":false},"author":12,"featured_media":5041,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-5040","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?fit=2560%2C1440&ssl=1",2560,1440,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?fit=1536%2C864&ssl=1",1536,864,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?fit=2048%2C1152&ssl=1",2048,1152,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/08\/microsofts-sway-serves-as-launchpad-for-quishing-campaign-scaled.jpg?fit=2560%2C1440&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5040","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=5040"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5040\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/5041"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=5040"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=5040"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=5040"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}