Scalable Vector Graphics files pose a novel phishing threat

SUMMARY :

Cybercriminals are exploiting the SVG file format to conduct phishing attacks that bypass existing anti-spam and anti-phishing protection. These attacks involve email messages with .svg file attachments, which open in the default browser on Windows computers. The SVG files contain anchor tags and scripts that link to malicious web pages, often disguised as legal documents or voicemails. When victims click on the embedded links, they are directed to phishing pages that mimic popular services like DocuSign, Microsoft SharePoint, and Office365. The attackers use various social engineering techniques and sophisticated methods to capture and exfiltrate user credentials. Some SVG files even contain encoded malware. To protect against this threat, users are advised to change the default program for opening SVG files and be cautious of suspicious emails.

OPENCTI LABELS :

phishing,social engineering,credential theft,evasion techniques,nymeria,svg,file format abuse,browser-based attacks,troj/autoit-dhb,email attachments


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Scalable Vector Graphics files pose a novel phishing threat