A sophisticated phishing campaign is targeting Microsoft 365 users worldwide by means of a newly discovered tool called Quantum Route Redirect.
This advanced automation platform turns complex phishing operations into simple one-click attacks that evade traditional security measures.
The campaign has already affected victims across 90 countries, with the US accounting for 76% of the targets.
The tool represents a dangerous shift in the phishing landscape by removing technical barriers that once limited cybercriminal activity. What previously required advanced expertise can now be carried out by less experienced attackers using this pre-configured phishing kit.
The platform comes with ready-made phishing domains and automated systems that handle everything from traffic routing to victim tracking.
KnowBe4 Threat Lab security researchers first identified attacks using Quantum Route Redirect in early August 2025 through their PhishER Plus and Defend platforms.
The research team has since uncovered roughly 1,000 domains currently hosting this tool. The campaigns use various social engineering tactics including DocuSign impersonation, payroll notifications, payment alerts, and QR code phishing to maximize victim engagement.
Quantum Route Redirect system flow (Source – KnowBe4)
The attack infrastructure shows worrying potential for longevity, with developers planning upgrades that include QR code generation capabilities.
Victims receive phishing emails containing links that follow a consistent pattern: /([\w\d-]+\.){2}[\w]{,3}\/quantum.php/ hosted on parked or compromised legitimate domains.
This strategic choice leverages brand trust to increase success rates.
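A defender-side check built on the URL pattern quoted above, as an added example that is not code from KnowBe4 or the original article: it scans mail-gateway or proxy log lines for links matching the reported pattern and shows that the literal pattern skips two-label hosts and TLDs longer than three characters. The path-only fallback, the log format and the example.* hosts are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Pattern quoted in the article, applied to host + path. {,3} is written {0,3}
# and the dot in "quantum.php" is escaped so it only matches a literal dot.
PAGE_PATTERN = re.compile(r"([\w\d-]+\.){2}[\w]{0,3}/quantum\.php", re.IGNORECASE)
# Assumed broader fallback (not from the article): any URL whose path starts
# with /quantum.php. Noisier, so treat it as a lead for review, not a verdict.
PATH_ONLY = re.compile(r"/quantum\.php(/|$)", re.IGNORECASE)
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def classify(url):
    """Return 'page-pattern', 'path-only' or None for one URL."""
    try:
        parts = urlsplit(url)
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return None
    host = parts.hostname or ""
    if PAGE_PATTERN.search(host + parts.path):
        return "page-pattern"
    if PATH_ONLY.match(parts.path):
        return "path-only"
    return None

def scan(lines):
    """Return (line_number, verdict, url) for every flagged URL in the lines."""
    hits = []
    for number, line in enumerate(lines, 1):
        for url in URL_RE.findall(line):
            verdict = classify(url)
            if verdict:
                hits.append((number, verdict, url))
    return hits

# Constructed sample log lines (hypothetical gateway format, reserved domains).
SAMPLE_LOG = [
    "2025-08-14T09:12:03Z gw url=https://docs.portal.example.com/quantum.php?id=1 verdict=clean",
    "2025-08-14T09:12:09Z gw url=https://example.org/quantum.php verdict=clean",
    "2025-08-14T09:13:40Z gw url=https://pay.example.info/quantum.php/ verdict=clean",
    "2025-08-14T09:14:02Z gw url=https://www.example.com/docs/quantum-computing.php verdict=clean",
    "2025-08-14T09:15:11Z gw message delivered, no links",
]

if __name__ == "__main__":
    for number, verdict, url in scan(SAMPLE_LOG):
        print(f"line {number}: {verdict}: {url}")
```

Because the kit serves legitimate pages to scanners, a "clean" verdict from automated URL scanning on a flagged link should not be taken as clearance.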
Intelligent Traffic Routing System
The core innovation behind Quantum Route Redirect lies in its sophisticated visitor classification system.
When someone clicks a malicious link, the platform immediately analyzes incoming traffic to differentiate between automated security scanners and human targets through real-time behavioral analysis.
The system routes security tools and bots to legitimate websites, making the original email appear harmless during automated URL scanning.
Meanwhile, genuine human visitors are directed straight to credential harvesting pages. This automated evasion technique successfully deceives both email security gateways and web application firewalls.
The platform performs browser fingerprinting and VPN/proxy detection automatically, enhancing its ability to identify security tools versus actual targets.
Cybercriminals track campaign effectiveness through an intuitive dashboard displaying comprehensive analytics including total impressions, victim locations, device types, and browser information.
This management interface provides two key components: a configuration panel for managing redirect rules and routing logic, plus visitor statistics for monitoring traffic data and measuring campaign success rates.
