Here we go again, yet another new sneaky scam from cybercriminals. In the words of the great John McClane, "Yippee-Ki-Yay".
Unfortunately for us, cybercriminals are getting smarter in how they trick us. This new scam impersonates a highly trusted brand name to get you hooked. Targets receive VERY convincing-looking emails (phishing emails) from a widely used e-signature platform. The email has an attached blank image that's loaded with empty SVG files. These SVG files are carefully encoded inside an HTML file attachment, confusing… we know!
In simple terms, it’s a very smart and very clever way of getting past a lot of security software. This puts businesses like yours at great risk. Because code within an image sends people to a malicious URL. Once you open the attachment you could unknowingly install malware onto your device, or maybe even the entire network! This has a high risk of exposing all your data and leaving you extremely vulnerable to a ransomware attack.
There has been a big increase in HTML attachment attacks on both small and medium-sized businesses. We can’t express enough how important it is for your business, no matter how big or small, to take ALL the action necessary to help prevent you from falling victim to an attack.
Please be extra careful if you use software to sign documents electronically, double-check that emails are genuine before opening any attachments. There’s a reason why criminals choose to impersonate a trusted name.
To take extra precautions, you have the option to block all emails with this type of attachment, to prevent employees from being exposed to scam emails in the first place.
Get in touch if you’d like further advice on implementing extra security measures.
Until next time, keep fit and have fun!
(TYYV) The Yada Yada Version:
Another day, another new scam from cyber criminals. Yada yada yada, make sure your business has taken all the steps to help prevent falling victim to an attack.
