Phishing emails are increasingly using Scalable Vector Graphics (SVG) attachments to display malicious forms or deliver malware, BleepingComputer reports.
SVG is an image format that’s stored in XML text files, allowing users to create an image through XML code by specifying shapes, colors, and text. Threat actors are using these files to craft convincing phishing forms that can bypass security filters.
“SVG attachments used in a recent campaign pretend to be official documents or requests for more information, prompting you to click the download button, which then downloads malware from a remote site,” BleepingComputer says.
“Other campaigns utilize SVG attachments and embedded JavaScript to automatically redirect browsers to sites hosting phishing forms when the image is opened. The problem is that since these files are mostly just textual representations of images, they tend not to be detected by security software that often. From samples seen by BleepingComputer and uploaded to VirusTotal, at the most, they have one or two detections by security software.”
Users should be on the lookout for SVG attachments, since they aren’t commonly used by most businesses. If an SVG file displays what looks like an Excel spreadsheet with a login portal, for example, it’s certainly a phishing attempt.
“Receiving an SVG attachment is not common for legitimate emails, and should immediately be treated with suspicion,” BleepingComputer says. “Unless you are a developer and expect to receive these types of attachments, it is safer to delete any emails containing them.”
New-school security awareness training can keep your employees up-to-date on evolving social engineering tactics so they can thwart these types of phishing attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
BleepingComputer has the story.
