𝐏𝐫𝐨𝐭𝐞𝐜𝐭 𝐲𝐨𝐮𝐫 𝐨𝐫𝐠𝐚𝐧𝐢𝐳𝐚𝐭𝐢𝐨𝐧𝐬 𝐚𝐠𝐚𝐢𝐧𝐬𝐭 𝐐𝐑 𝐜𝐨𝐝𝐞 𝐩𝐡𝐢𝐬𝐡𝐢𝐧𝐠 𝐰𝐢𝐭𝐡 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐟𝐨𝐫 𝐎𝐟𝐟𝐢𝐜𝐞 365

QR codes are used in phishing attacks for mainly two reasons:

1️⃣ They move the attack away from well-protected corporate environments and onto the victim’s personally owned mobile device, which may be less secure.

2️⃣ They leverage the most common credential theft vector which is the uniform resource locator (URL).

𝐇𝐨𝐰 𝐌𝐃𝐎 𝐝𝐞𝐭𝐞𝐜𝐭𝐬 𝐐𝐑 𝐂𝐨𝐝𝐞 𝐩𝐡𝐢𝐬𝐡𝐢𝐧𝐠

➡ Image Detection in a message inline during mail flow

➡Threat Signals

➡URL Analysis

➡Heuristics-based Rules

To further increase protection, it is recommended to use:

➡𝐄𝐱𝐭𝐞𝐧𝐝𝐞𝐝 𝐃𝐞𝐭𝐞𝐜𝐭𝐢𝐨𝐧 𝐚𝐧𝐝 𝐑𝐞𝐬𝐩𝐨𝐧𝐬𝐞 (XDR): Microsoft Defender XDR provides comprehensive defense against advanced threats like QR code phishing

➡𝐌𝐨𝐛𝐢𝐥𝐞 𝐏𝐫𝐨𝐭𝐞𝐜𝐭𝐢𝐨𝐧: Microsoft Defender for Endpoint on Android and iOS includes anti-phishing capabilities that also apply to QR code phishing attacks, blocking phishing sites from being accessed.

➡𝐄𝐧𝐝-𝐔𝐬𝐞𝐫 𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠: Defender for Office 365 customers can use Attack Simulation Training to educate their end users by simulating real-world phishing attacks and other types of cyber threats.

https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/protect-your-organizations-against-qr-code-phishing-with/ba-p/4007041

#qrcode #phishing #mdo #defenderforoffice #defender #xdr #edr #office365 #image #url #microsoft #microsoftsecurity #soc #cyber #cybersecurity #ast #usertraining #awareness #Quishing #cloudsecurity