In breve
A new phishing campaign is flooding inboxes with emails carrying SVG (Scalable Vector Graphic) attachments. While SVG is normally a benign image format, browsers render SVG files like HTML, so attackers embed obfuscated JavaScript that...
Come funziona
A new phishing campaign is flooding inboxes with emails carrying SVG (Scalable Vector Graphic) attachments. While SVG is normally a benign image format, browsers render SVG files like HTML, so attackers embed obfuscated JavaScript that...
Indicatori rossi
- Unsolicited email with an .svg attachment instead of a normal image or PDF. No visible image content
- opening the file in a text editor reveals script code. Redirect URL uses an unusual TLD (e.g. .cfd ) and embeds the recipient's email address in the path
Cosa fare
- 1Do not open unexpected SVG attachments: forward them to your IT/security team and
Fonte
FAQ
Phishing Wave Uses SVG Attachments to Redirect Users to Credential Theft Pages e una truffa reale?
Si. Tratta messaggi, chiamate o richieste di pagamento come sospette finche non le verifichi da un canale ufficiale.
Quali sono i primi segnali?
Unsolicited email with an .svg attachment instead of a normal image or PDF. No visible image content; opening the file in a text editor reveals script code. Redirect URL uses an unusual TLD (e.g. .cfd ) and embeds the recipient's email address in the path
Cosa devo fare subito?
Do not open unexpected SVG attachments: forward them to your IT/security team and
LegalAudit puo controllare il mio caso?
Si. Apri la chat gratis e incolla messaggio, link, mittente o dati di pagamento per un triage.