Cybercriminals are increasingly using SVG image files in emails to deliver malware like AsyncRAT, which can remotely control devices. These malicious SVGs often appear in emails from trusted sources and contain embedded scripts that evade traditional security measures. Users are advised to delete any emails with SVG attachments unless they are certain of their legitimacy, as these files pose a significant security threat.
Malicious actors are embedding obfuscated exploit code inside SVG files on adult websites, which, when decoded, deploy JavaScript that hijacks Facebook 'Like' actions without user consent, exploiting known vulnerabilities and recurring abuse on WordPress sites.
Cybersecurity experts warn of a rise in sophisticated two-step phishing attacks using Microsoft Visio files and SVG attachments to evade detection and steal credentials. These attacks exploit user trust by embedding malicious URLs in familiar file formats and instructing victims to perform actions like holding down the Ctrl key to bypass security systems. As cyber fraud evolves, especially during International Fraud Week, businesses are urged to enhance their defenses with robust email security and two-factor authentication to mitigate risks.
Cybersecurity experts warn of a rise in sophisticated two-step phishing attacks using Microsoft Visio files to evade detection. These attacks involve sending emails from breached accounts with seemingly harmless attachments that, when interacted with, lead to credential-stealing sites. Additionally, attackers are using scalable vector graphics (SVG) files to deploy phishing attacks, exploiting their ability to execute JavaScript. Users are advised to be cautious with unfamiliar file formats and ensure robust email security measures, including two-factor authentication.
