Avanan researchers discuss a new attack utilizing blank SVG images containing malicious code in phishing emails.
Blank image attacks leverage DocuSign’s legitimacy.
Avanan, a Check Point Software company, released a blog this morning detailing a new attack in which hackers hide malicious content inside a blank image within an HTML attachment in phishing emails claiming to be from DocuSign.
About the blank image attack.
Techniques used, and caution advised.
Hiding the malware within the empty image attachment hides the true intent of the message, and contains a legitimate link, allowing for the email to bypass link analysis and security scanners. Researchers advise caution around emails containing HTML attachments, suggesting the blockage of HTML attachments entirely with the treatment of them akin to executables.
Expert comment on HTML attachment attacks.
Jeremy Fuchs, an Avanan Cybersecurity Researcher/Analyst, says that this is a new variation of existing attack methods:
Added, 2:15 PM, January 20th, 2023.
Sameer Hajarnis, Chief Product Officer at OneSpan, commented on the global technological realities that enable this sort of attack:
"Today, the internet is built on insecure links. Because of this, the average individual must be vigilant before clicking on a link in an email, joining a Zoom meeting, or transferring money. Phishing techniques criminals are adopting have seen brands, like Amazon and DocuSign, also falling victim to advanced attacks, causing both financial and brand damage. These social engineering attacks often exploit the trust and familiarity we place with those we interact with daily. That is why the world needs security-infused workflows native to digital experiences that guarantee the integrity of people, data, transactions, and documentation. Organizations need to create a connected thread of trust between the business and the user throughout the entire digital customer journey. Until this happens, individuals should take precaution, double checking links before clicking too quickly and easily sign a form or enter their information."