Phishing emails increasingly use SVG attachments to evade detection

Gandalf_The_Grey

Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection.

Most images on the web are JPG or PNG files, which are made of grids of tiny squares called pixels. Each pixel has a specific color value, and together, these pixels form the entire image.

SVG, or Scalable Vector Graphics, displays images differently, as instead of using pixels, the images are created through lines, shapes, and text described in textual mathematical formulas in the code.

The use of SVG attachments in phishing campaigns is nothing new, with BleepingComputer reporting about their usage in previous Qbot malware campaigns and as a way to hide malicious scripts.

However, threat actors are increasingly using SVG files in their phishing campaigns according to security researcher MalwareHunterTeam, who shared recent samples [1, 2] with BleepingComputer.

The problem is that since these files are mostly just textual representations of images, they tend not to be detected by security software that often. From samples seen by BleepingComputer and uploaded to VirusTotal, at the most, they have one or two detections by security software.

With that said, receiving an SVG attachment is not common for legitimate emails, and should immediately be treated with suspicion.

Unless you are a developer and expect to receive these types of attachments, it is safer to delete any emails containing them.
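
A mail-gateway style triage check for the active content described above (forms and scripts carried inside an SVG), as an added example that is not part of the original post or the article it quotes. The sample SVGs, the tag list and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample inputs (not taken from any real campaign).
BENIGN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle cx="5" cy="5" r="4"/></svg>'
FORM_SVG = b'''<svg xmlns="http://www.w3.org/2000/svg">
  <foreignObject width="300" height="200">
    <form xmlns="http://www.w3.org/1999/xhtml" action="https://example.invalid/post">
      <input type="password" name="p"/>
    </form>
  </foreignObject>
</svg>'''
SCRIPT_SVG = b'''<svg xmlns="http://www.w3.org/2000/svg" onload="init()">
  <script>/* placeholder */</script>
  <a href="javascript:void(0)"><text>Open</text></a>
</svg>'''

# Elements that make an SVG more than a static picture (assumed policy list).
ACTIVE_TAGS = {"script", "foreignobject", "iframe", "embed", "object", "form", "input"}

def local(name: str) -> str:
    """Strip the XML namespace: '{ns}tag' -> 'tag', lower-cased."""
    return name.rsplit("}", 1)[-1].lower()

def svg_findings(data: bytes) -> list[str]:
    """Return sorted reasons an SVG attachment should be quarantined."""
    upper = data.upper()
    if b"<!DOCTYPE" in upper or b"<!ENTITY" in upper:
        return ["dtd-present"]  # refuse to parse DTDs/entities at all
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return ["unparseable"]
    found = set()
    for el in root.iter():
        tag = local(el.tag)
        if tag in ACTIVE_TAGS:
            found.add(f"element:{tag}")
        for attr, value in el.attrib.items():
            name = local(attr)  # also normalises xlink:href to href
            if name.startswith("on"):
                found.add(f"handler:{name}")
            if name == "href" and value.strip().lower().startswith("javascript:"):
                found.add("href:javascript")
    return sorted(found)
```

An empty result means the file is static drawing markup only; any finding is a reason to hold the message for review rather than deliver the attachment.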