Your company is participating in a Cyber Security Education Program.
This MFA QR Phishing Attack included the following social engineering techniques:
- Spoofed email and domain (example: locked-outlook.com).
- Urgency to act (example: expiring today).
- QR code that prompts you to take the action the attacker wants and also moves you outside the protection of your IT system.
- Verbiage and logos of tools you use to catch attention (example: Microsoft).
How to spot that this was a phishing email:
- Was this an email you expected to receive? No: be cautious.
- Changes to MFA (workflow) would be communicated in official channels.
- The sender email address was not associated with Microsoft.
- Example: @locked-outlook.com ... is not a primary domain associated with Microsoft; the use of "outlook" is to imply Microsoft ownership.
- The link preview shown when scanning the QR code identified a suspicious domain similar to the one above.
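
The sender and QR-link checks above can be automated on the defender side. The following is an added example, not part of the original training notice: the trusted-domain list, the brand-word list, the function names and the sample message are all assumptions made for this sketch.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumed allowlist for this sketch; an organization would maintain its own.
TRUSTED_DOMAINS = {"microsoft.com", "outlook.com", "office.com",
                   "microsoftonline.com", "live.com"}
# Brand words that lookalike domains embed to imply ownership (assumed list).
BRAND_WORDS = ("microsoft", "outlook", "office")


def host_of(value):
    """Return the lowercase host from a From header or from a URL."""
    if "://" in value:
        return (urlsplit(value).hostname or "").rstrip(".")
    address = parseaddr(value)[1]
    return address.rpartition("@")[2].lower().rstrip(".")


def is_trusted(host):
    """True only for a trusted domain itself or a true subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def classify(value):
    """Return 'trusted', 'lookalike' (brand word on an untrusted host) or 'unknown'."""
    host = host_of(value)
    if not host:
        return "unknown"
    if is_trusted(host):
        return "trusted"
    if any(word in host for word in BRAND_WORDS):
        return "lookalike"
    return "unknown"


def review_message(from_header, qr_url):
    """Classify the sender address and the URL decoded from the QR code."""
    return {"sender": classify(from_header), "qr_link": classify(qr_url)}


if __name__ == "__main__":
    # Constructed sample: display name, mailbox and URL path are made up.
    print(review_message("Microsoft Security <noreply@locked-outlook.com>",
                         "https://locked-outlook.com/mfa"))
```

Matching on `"." + domain` rather than a plain suffix is what keeps `locked-outlook.com` from passing as `outlook.com`.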
