"Venom" SharePoint Attack

Please review the following for guidance regarding a sophisticated phishing campaign targeting C-suite executives and senior leadership.

A highly personalized attack platform named Venom is currently targeting executives by name using fraudulent Microsoft SharePoint notifications. This campaign is specifically engineered to bypass standard security filters and two-factor authentication (2FA).

The Threat:

The Hook: A fake email notification regarding a sensitive document (e.g., "Q1 Financials") shared via SharePoint.

The Mechanism: The email contains a QR code. Scanning it leads to a fraudulent site designed to capture your login credentials and session tokens.

The Risk: By hijacking your active session, attackers can maintain permanent access to your account.

Stay Protected:

  • Use the BlackCloak Secure QR Scanner: Directly mitigate "Quishing" (QR phishing) by using the Secure QR Code Scanner within the BlackCloak app. It validates destination URLs against our threat database in real time, before your browser ever connects to the site.

  • Verify Unexpected Files: Always verify the sender via a separate channel before interacting.

  • Avoid QR Logins: Never use a QR code from an unsolicited email to log in to corporate accounts. Always navigate directly to the website.
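
For mail and security teams, the pattern described under "The Mechanism" can be triaged before a user ever scans the code. The sketch below is an added example, not BlackCloak's scanner and not code from the campaign: it flags a SharePoint-themed message that carries an image but no clickable link, and checks the URL read from the QR code against the hosts where sign-in is expected. The lure phrases, the allowlist (including the placeholder tenant `contoso.sharepoint.com`), the sample message and the assumption that a separate QR decoder supplies the URLs are all assumptions.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

LURE_WORDS = ("sharepoint", "shared a file", "shared a document")  # assumed phrases
ALLOWED_HOSTS = {"login.microsoftonline.com", "contoso.sharepoint.com"}  # assumed

def qr_host(url):
    """Host a browser would connect to, or an empty string if not parseable https."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return ""
    return (parts.hostname or "").lower().rstrip(".") if parts.scheme == "https" else ""

def triage(raw, decoded_qr_urls):
    """Return the reasons a message looks like SharePoint-themed QR phishing."""
    msg = message_from_string(raw)
    text, images, reasons = msg.get("Subject", ""), 0, []
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype.startswith("image/"):
            images += 1
        elif ctype in ("text/plain", "text/html"):
            body = part.get_payload(decode=True) or b""
            text += " " + body.decode(part.get_content_charset() or "utf-8", "replace")
    lure = any(word in text.lower() for word in LURE_WORDS)
    if lure and images and not re.search(r"https?://", text, re.I):
        reasons.append("SharePoint lure carries an image but no text link")
    for url in decoded_qr_urls:  # URLs read from the image by a QR decoder (not shown)
        if qr_host(url) not in ALLOWED_HOSTS:
            reasons.append(f"QR destination is not an approved sign-in host: {qr_host(url) or url}")
    return reasons

# Constructed sample message; the image part is an empty stub, not a real QR code.
SAMPLE = """\
Subject: Document shared with you: Q1 Financials
Content-Type: multipart/related; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

A file was shared with you on SharePoint. Scan the code to open it.
--b1
Content-Type: image/png

--b1--
"""
print(triage(SAMPLE, ["https://login.microsoftonline.com.signin.example/"]))
```

The host comparison uses the parsed hostname and an exact match, so a destination that merely contains a trusted name as a prefix or in the user-info part of the URL is still rejected.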