En bref
A new phishing campaign is flooding inboxes with emails carrying SVG (Scalable Vector Graphic) attachments. While SVG is normally a benign image format, browsers render SVG files like HTML, so attackers embed obfuscated JavaScript that...
Comment ca fonctionne
A new phishing campaign is flooding inboxes with emails carrying SVG (Scalable Vector Graphic) attachments. While SVG is normally a benign image format, browsers render SVG files like HTML, so attackers embed obfuscated JavaScript that...
Signaux d'alerte
- Unsolicited email with an .svg attachment instead of a normal image or PDF. No visible image content
- opening the file in a text editor reveals script code. Redirect URL uses an unusual TLD (e.g. .cfd ) and embeds the recipient's email address in the path
Que faire
- 1Do not open unexpected SVG attachments: forward them to your IT/security team and
Source
FAQ
Phishing Wave Uses SVG Attachments to Redirect Users to Credential Theft Pages est une vraie arnaque ?
Oui. Traitez le message, l'appel ou la demande de paiement comme suspect jusqu'a verification via un canal officiel.
Quels sont les premiers signaux ?
Unsolicited email with an .svg attachment instead of a normal image or PDF. No visible image content; opening the file in a text editor reveals script code. Redirect URL uses an unusual TLD (e.g. .cfd ) and embeds the recipient's email address in the path
Que faire en premier ?
Do not open unexpected SVG attachments: forward them to your IT/security team and
LegalAudit peut-il verifier mon cas ?
Oui. Lancez le chat gratuit et collez le message, le lien, l'expediteur ou les details de paiement.