The holiday season is in full swing, which means so are phishing campaigns.
Security researchers have discovered a large-scale phishing campaign called Quantum Route Redirect (QRR) that is actively targeting Microsoft 365 users. Attackers are using nearly 1,000 domains to host convincing Microsoft 365 login screens designed to steal usernames and passwords.
QRR has been tracked in 90 countries, with 76% of these attacks focused on users in the United States. Messages from this campaign are appearing as DocuSign requests, payment notices, voicemail alerts, and even QR-code prompts.
We all need to remember to be cautious with unexpected emails, especially those asking you to log in or open attachments. Always verify the sender and check links before clicking. And if ever in doubt, report suspicious emails via the Phishing button. Cybersecurity will research and if needed setup firewall blocks on the UCOR network.
Your vigilance is our best defense against these attacks.
