- Sophos says that the use of SVG files in phishing is increasing
- SVG files bypass email protection and can display malicious hyperlinks
- The researchers shared some tips on how to stay safe
Pirates use .SVG files in new phishing attacks to steal the 365 office connection identification information, experts warned.
A report by Sophos researchers has revealed that the number of phishing attacks with .SVG files in attachments is increasing. SVG (Scalable Vector Graphics) files are XML -based images that can be set up without losing quality, which makes them ideal for web design, icons and illustrations. Unlike raster images (for example, PNG, JPG), SVGs use mathematical equations to define shapes, which allows them to remain crunchy at any size.
Since SVG files are generally natively loaded inside a browser, they can contain anchor tags, scripts and other types of active web content.
Defend against SVG attacks
Sophos notes that the body of phishing emails is not extraordinary. This is the usual invoice / the new voicemail / the type of e-mail compulsory, with an .SVG attachment, which generally displays only a sentence or two and a hyperlink. Sophos says it is seen that these messages, especially the content in the SVG file, become more sophisticated over the countryside.
In any case, the opening of the SVG file reveals a new browser tab, and there is a hyperlink. Click on the hyperlink redirects the victim to a false Office 365 connection page which steals the connection identification information and relays them to the attackers.
There are two ways to defend yourself against these phishing emails, said Sophos. The best way (in addition to not clicking on the shaded attachments) is to open a known and benign SVG file on the computer and to ask Windows to open it always in the notepad or a no no program -Siminant navigator.
“Even if you accidentally click on a malicious SVG in the future, it will only open in notebook, throwing another roadblock in front (potentially) the phis of Sophos.” If, at some point, you Please note that you need to work with real SVG files, follow the same steps again and choose the graphical application that you plan to use. “
The second way is to use a renowned e-mail security program. Sophos said that a detection signature had been developed for the different types of armed files that he recently observed.
