The Threat Research Unit of Sophos, Sophos X-Ops, has identified a new phishing attack technique in which cybercriminals are exploiting Scalable Vector Graphics (SVG) file format to bypass anti-phishing and anti-spam protections.

According to a research report by Sophos X-Ops, cybercriminals have recently adopted a new tactic of sending malicious SVG files as email attachments. Once these attachments are clicked, they redirect users to harmful websites, posing a significant threat to individuals and organizations.

Explaining the attack method, the report states that cybercriminals send emails containing SVG file attachments to their targets. When the recipient clicks on the file, it automatically opens in a default web browser. The file contains embedded links or JavaScript that then redirect the browser to a phishing website.

The victims are often presented with deceptive prompts urging them to open a document on platforms like DocuSign, Dropbox, or SharePoint. In some cases, they are even tricked into accessing a voicemail through Google Voice.

Sophos X-Ops' investigation further reveals that almost half of the analyzed SVG files were highly customized, embedding the victim’s email address or name within the file itself. This level of customization suggests that the attacks are highly targeted, likely focusing on specific organizations.Source: techcrunch

Total views: 231