AI meets phishing: SVGs with a suit and tie.
Microsoft warns of a phishing campaign using LLM-generated, business-themed SVG files to hide malicious JavaScript and evade filters. The attackers sent emails addressed to the sender's own address, with the targets in BCC, and used fake file-share lures; the SVG redirected victims through a CAPTCHA to credential-harvesting pages. Microsoft’s analysis notes verbose, over-engineered code and business buzzwords as likely LLM fingerprints. Recommendation: treat SVGs as executable content, tighten attachment policies, and monitor for unusual SVG/JavaScript activity.
Phishing’s had a glow-up. Attackers are stuffing SVG images with sneaky JavaScript and a load of “quarterly-revenue-synergy” jargon—very AI-generated—to dodge filters and nick logins. The trick: send a file-share email, funnel you through a tidy CAPTCHA, then land on a fake sign-in.
What to do: block or sandbox SVG attachments, strip active content, and flag look-alike file-share emails. If your filters see “image”, make them treat SVGs like mini webpages.