- Quantum Route Redirect automates phishing, spoofing brands and bypassing email security tools
- It detects bots vs. humans, redirecting real users to credential theft pages
- Over 1,000 domains host it; 76% of victims are in the US, per KnowBe4
A new phishing platform called “Quantum Route Redirect” is making targeting Microsoft 365 users all around the world dramatically simpler, experts from KnowBe4 have warned.
In its report, the researchers said Quantum Route Redirect can automate phishing campaigns that previously required significant technical skill.
It enables attackers to launch large-scale credential theft operations, while spoofing major companies such as DocuSign, or send fake payroll, payment notices, and voicemail alerts. QR code-based “quishing” attacks are also available on the platform.
Targeting the US
One of Quantum Route Redirect’s key advantages is its ability to automatically detect whether a visitor is a bot or a human.
When security tools like email scanners click the links, they are redirected to safe, legitimate websites, making the phishing email appear harmless. Real users, however, are silently redirected to credential-harvesting pages.
This automation helps hackers bypass layers of defense such as Microsoft Exchange Online Protection, secure email gateways, and even integrated cloud email security solutions.
The platform also comes with a dashboard for managing redirects, monitoring victim traffic, and viewing analytics. It includes features such as browser fingerprinting, VPN/proxy detection, and real-time statistics, effectively lowering the barrier to entry for cybercriminals.
KnowBe4 researchers have identified roughly 1,000 domains currently hosting the tool, warning that it’s spreading like wildfire, and attacks leveraging it have compromised victims in 90 countries, with the United States accounting for 76% of affected users.
Experts warn that Quantum Route Redirect “democratizes” phishing by removing technical complexity and could mark a new era of accessible cybercrime. To defend against it, organizations are urged to combine advanced email security tools with user awareness training, sandboxing, and rapid response procedures for credential compromise.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
