Kurzfassung
A new phishing campaign is flooding inboxes with emails carrying SVG (Scalable Vector Graphic) attachments. While SVG is normally a benign image format, browsers render SVG files like HTML, so attackers embed obfuscated JavaScript that...
Wie es funktioniert
A new phishing campaign is flooding inboxes with emails carrying SVG (Scalable Vector Graphic) attachments. While SVG is normally a benign image format, browsers render SVG files like HTML, so attackers embed obfuscated JavaScript that...
Warnzeichen
- Unsolicited email with an .svg attachment instead of a normal image or PDF. No visible image content
- opening the file in a text editor reveals script code. Redirect URL uses an unusual TLD (e.g. .cfd ) and embeds the recipient's email address in the path
Was tun
- 1Do not open unexpected SVG attachments: forward them to your IT/security team and
Quelle
FAQ
Ist Phishing Wave Uses SVG Attachments to Redirect Users to Credential Theft Pages ein reales Betrugsmuster?
Ja. Behandeln Sie Nachricht, Anruf oder Zahlungsaufforderung als verdaechtig, bis ein offizieller Kanal sie bestaetigt.
Was sind die ersten Warnzeichen?
Unsolicited email with an .svg attachment instead of a normal image or PDF. No visible image content; opening the file in a text editor reveals script code. Redirect URL uses an unusual TLD (e.g. .cfd ) and embeds the recipient's email address in the path
Was sollte ich zuerst tun?
Do not open unexpected SVG attachments: forward them to your IT/security team and
Kann LegalAudit meinen Fall pruefen?
Ja. Starten Sie den kostenlosen Chat und fuegen Sie Nachricht, Link, Absender oder Zahlungsdaten ein.