Home » News » A new scam using blank images targets common people: Reports

A new scam using blank images targets common people: Reports

January 23, 2023 By Raulf Hernes
(Image Credit Google)
Experts have described a strange new phishing scam using blank images to scam users, and you may not even know it. The form, described as a "blank image," is used by threat actors to embed empty.svg files encoded with Base64 inside HTML attachments in order to avoid URL redirect detection. DocuSign, the e-signature platform, is the target in this case, with scammers sending a seemingly legitimate DocuSign email with an HTML attachment that, when clicked, opens up what appears to be a blank image.

About "blank image" phishing:

A strange phishing technique is being used to hide empty SVG files inside HTML attachments, making them appear to be DocuSign documents. Researchers at email security company Avanan have named it "Blank Image." They explain that the attack allows phishing actors to circumvent the detection of redirect URLs. The phishing email sent to potential victims purports to be a DocuSign document, a widely used brand that many recipients are familiar with from their office jobs. The victim is asked to examine and sign the sent document, called Scanned Remittance Advice.htm, because HTML files are often ignored by email security systems and thus have higher chances of reaching the target's inbox. If a victim clicks on the button to view the completed document, they are taken to a legitimate DocuSign website, but if they attempt to open the HTML attachment, the Blank Image attack is activated. Ways-to-protect-your-phone-from-hackers-1 The use of SVG files in HTML containing base64-obfuscated code is not new; in December 2022, the same tactic was used in spam that sent the Qbot malware. SVGs are XML-based vector images that can include HTML script tags, so when an HTML document displays an SVG image through an embed or iframe tag, the image is displayed and the JavaScript contained in it runs. The SVG is empty on the victim's screen in the DocuSign campaign that the Avanan researcher identified, but the URL redirect code still runs in the background. Emails that have HTML code or HTML attachments should be treated with caution by users.

By Raulf Hernes

If you ask me raulf means ALL ABOUT TECH!!

Leave a Reply

You must be logged in to post a comment.
Latest News

Walmart's GenAI Search Engine: Challenging Google's Dominance in Retail Search
March 12, 2024

Introducing the MSI Claw Handheld: Your Ultimate Gaming Companion
March 12, 2024

Uber Increases In-App Ads, Prompting Mixed Reactions from Customers
March 12, 2024

Apple's iOS 18: A Leap into the AI Era
March 12, 2024

Google's Regular Pixel 8 Won't Get Gemini Nano AI
March 12, 2024

MacBook Air M3 Makes Amends for M2's Storage Blunder
March 11, 2024

Samsung Unveils the Galaxy M15 5G
March 11, 2024

Elon Musk's xAI to Open-Source Chatbot Grok
March 11, 2024

Contra: Operation Galuga - A Modern Run-and-Gun Classic
March 11, 2024

Musk Confirms X's TV App Arrives This Week
March 11, 2024
RELATED NEWS
Walmart's GenAI Search Engine: Challenging Google's Dominance in Retail Search

In the ever-changing world of technology and retai...

news-extra-space
Uber Increases In-App Ads, Prompting Mixed Reactions from Customers

In a bid to capture the attention of users and dri...

news-extra-space
Apple's iOS 18: A Leap into the AI Era

Apple is preparing for a game-changing move with i...

news-extra-space
Google's Regular Pixel 8 Won't Get Gemini Nano AI

Google has been making huge headways in artificial...

news-extra-space
Elon Musk's xAI to Open-Source Chatbot Grok

Elon Musk's artificial intelligence firm, xAI, is ...

news-extra-space
Instagram Surpasses TikTok in App Downloads

In a digital showdown that has captured the attent...

news-extra-space
2
3
4
5
6
7
8
9
10