Another scam, another day. And it’s a clever one.
Cybercriminals are becoming more sophisticated. This latest malware threat is unusually clever. It impersonates a highly trusted brand name to get a foot in the door.
Targets receive a convincing email that appears to be from a popular e-signature platform.
A blank image loaded with empty svg files is attached to the email, which is carefully encoded inside an HTML file attachment (stay with us here).
In short, it’s very clever and can get around a lot of security software.
This puts companies like yours at risk. Because the image’s code directs users to a malicious URL.
If you open the attachment, you may unintentionally install malware on your device or network, exposing your data and leaving you vulnerable to a ransomware attack.
There has recently been a wave of HTML attachment attacks on small and medium-sized businesses, indicating that businesses must take action to stay ahead of the criminals.
If you use software to electronically sign documents, double-check that emails are genuine before opening any attachments.
There’s a reason why the criminals chose to impersonate a well-known name.
To go a step further, you could block all emails with this type of attachment to avoid employees being exposed to scam emails in the first place.
If you’d like any further advice, or help implementing extra security measures, get in touch.