Beware: QR Code Scam Targets Microsoft Sway for Passwords

August 28, 2024
1 min read




Article Summary

TLDR:

  • New QR code phishing campaign using Microsoft Sway to steal credentials
  • Attack primarily targeting users in Asia and North America

Cybersecurity researchers have identified a new QR code phishing campaign that exploits Microsoft Sway infrastructure to deceive users and steal their credentials. The attackers use legitimate cloud applications to gain credibility with victims, especially those in the technology, manufacturing, and finance sectors. Microsoft Sway, a cloud-based tool for creating content, has seen a significant increase in traffic to phishing pages since July 2024. These campaigns aim to redirect users to phishing websites through fake QR codes hosted on Sway, evading detection by email scanners and mobile device security measures. It’s important to note that this is not the first time Microsoft Sway has been used in phishing attacks, with previous incidents like the PerSwaysion campaign compromising corporate email accounts in 2020. The development of Unicode QR codes poses a new challenge for security measures, as these text-based codes can bypass image scanning and look different when viewed as plain text. As phishing campaigns become more sophisticated, security vendors are working to detect and block these image-based threats.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and