The year has only just begun, and before the end of the first month new forms of phishing attacks have already been detected.
Cybersecurity is a crucial issue in an increasingly digitized world. Cybercriminals are constantly looking for new ways to attack businesses and individuals, and it’s important to always stay on top of the latest techniques used.
This week, an unusual phishing technique has been detected. Avanan, a specialized cybersecurity company, has published an article on its blog describing a new attack where hackers hide malicious content within an empty image within an HTML attachment in phishing emails that appear to come from DocuSign.
The attack begins with an email that appears to have been sent by DocuSign, containing a link and an HTML attachment. The email requests the review and signature of a document referred to as a “payment notice.” If the recipient clicks the “View Entire Document” button, they are directed to a legitimate web page; the attachment, however, is not legitimate. If the file is opened, the attack begins. The attached file includes a Base64-encoded SVG image containing JavaScript code that redirects to the malicious link.
Cybercriminals use this technique to hide their true intent: because the email contains a legitimate link, it can bypass link checking and security scanners. Experts recommend caution with emails that contain HTML and suggest blocking all HTML attachments by treating them as executables.
According to Avanan, the novelty of this attack is the use of an empty image with active content inside it, that is, a JavaScript image, which redirects to a malicious URL. It is important to note that this type of attack is unique and so far has not been detected by specialized services such as VirusTotal.
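As an added example (not code from Avanan or from this article), this is one way a mail filter could inspect an HTML attachment for the pattern described above: a Base64 blob that decodes to an SVG carrying active content. The function names, the marker list and both sample attachments are constructed for illustration, and the check assumes the blob appears in the file as one contiguous Base64 run.

```python
import base64
import binascii
import re

# Runs long enough to be an embedded payload rather than an ordinary token.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")

# Markers of active content inside an SVG document (illustrative list).
ACTIVE_SVG = {
    "script element": re.compile(r"<\s*script\b", re.I),
    "event handler attribute": re.compile(r"\son\w+\s*=", re.I),
    "javascript: URI": re.compile(r"javascript\s*:", re.I),
    "foreignObject element": re.compile(r"<\s*foreignObject\b", re.I),
}


def decode_run(run):
    """Decode one Base64 run to text; return None if it is not valid Base64."""
    stripped = run.rstrip("=")
    padded = stripped + "=" * (-len(stripped) % 4)
    try:
        return base64.b64decode(padded, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None


def scan_html_attachment(html):
    """Return findings for Base64 blobs that decode to SVG with active content."""
    findings = []
    for match in B64_RUN.finditer(html):
        text = decode_run(match.group(0))
        if text is None or "<svg" not in text.lower():
            continue
        reasons = [name for name, rx in ACTIVE_SVG.items() if rx.search(text)]
        if reasons:
            findings.append({"offset": match.start(), "reasons": reasons})
    return findings


# Constructed samples: an inert placeholder stands in for the active content.
_svg_active = b'<svg xmlns="http://www.w3.org/2000/svg"><script>/* placeholder */</script></svg>'
_svg_plain = b'<svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"></svg>'
SAMPLE_SUSPICIOUS = '<html><body><embed src="data:image/svg+xml;base64,%s"></body></html>' % base64.b64encode(_svg_active).decode()
SAMPLE_BENIGN = '<html><body><img src="data:image/svg+xml;base64,%s"></body></html>' % base64.b64encode(_svg_plain).decode()

if __name__ == "__main__":
    print(scan_html_attachment(SAMPLE_SUSPICIOUS))
    print(scan_html_attachment(SAMPLE_BENIGN))
```

A finding here is a reason to quarantine or strip the attachment, in line with the advice to treat HTML attachments as executables; an empty result does not prove the file is safe.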
"Get human firewalls to complete the defense of your organization"
The best way to protect against these types of attacks is through security awareness: training employees to recognize social engineering attacks, even the most innovative ones like the one in this article. Threat actors are constantly evolving, so it is crucial to keep employees alert and exercising common sense. That way, even if the attack is novel or a technical variant that evades security systems, they can identify and stop it in time, becoming human firewalls that complement your organization’s defense.