Phishing emails using SVG attachments to help get away with attacks

News
By
published

Weaponized SVG attachments are not being recognized as malicious, experts warn

A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
(Image credit: weerapatkiatdumrong / Getty Images)
  • Security researchers spotted phishing emails with SVG attachments
  • The nature of SVG files allows them to bypass email protections
  • Common sense remains the best way to defend against phishing

Hackers are always looking for new ways to sneak phishing emails into people’s inboxes, and it seems SVG attachments are the next big thing.

Security researchers recently posted about SVG attachments on Twitter, claiming their nature allows them to bypass email protections and land malicious content in victim's inbox.

For the uninitiated, SVG is short for Scalable Vector Graphics - it’s a lossless image format used all across the web, especially for content that is designed to be viewed on screens of different sizes. Images are not created with pixels, but rather with XML-based code which defines graphics. Since images are built with code, they cannot be analyzed by antivirus programs in the traditional sense of the word. As a result, many bypass current protections.

Fake Excel

According to MalwareHunterTeam, some cybercriminals found a way to abuse this fact. One of the examples was creating a fake Excel spreadsheet with SVG which allows people to submit different content (mostly login credentials and other valuable information).

Even if email security solutions providers find a way to defend against SVG-borne email attacks, crooks will only find another attack avenue.

Therefore, relying exclusively on software to protect your inbox against these threats is super risky. Instead, experts suggest humans be put in the proverbial trenches - using common sense, spotting phishing emails, and acting accordingly (reporting and deleting the email immediately) remains the best form of defense.

Another way crooks can bypass email protection in phishing attacks is through the use of QR codes.

Since these come in .JPG or similar image formats, they rarely get scanned for malice. Furthermore, QR codes in emails usually force victims to bring up their mobile devices, which are rarely as secure as desktop devices, increasing the chances of infection or data loss.

Via BleepingComputer

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.