BleepingComputer reports that nearly 1,000 domains have been used by the novel advanced Quantum Route Redirect phishing-as-a-service platform to pilfer Microsoft 365 account credentials across 90 countries.The U.S. was targeted by over three-quarters of the QRR intrusions, which commence with nefarious emails purporting to be QR codes, DocuSign requests, or payment notices that redirect to a credential harvesting page with patterned domains aimed at maximizing social engineering effectiveness, according to a KnowBe4 analysis.QRR not only includes a filtering mechanism that automatically redirects email security tools to harmless websites but also facilitates real-time monitoring of real and non-human site visitors through its dashboard.Potentially increased utilization of QRR due to its URL scanning technology bypass techniques should prompt organizations to adopt more stringent URL filtering mechanisms, as well as bolster the monitoring of compromise stemming from the theft of user credentials, said KnowBe4 researchers.
