Most email providers have security filters that check emails for malicious links or attachments. You may feel like you can rely on these filters and, as a result, trust that emails sent to your inbox are safe. Unfortunately, cybercriminals can take advantage of this trust by using blank image phishing to bypass security filters.
The scam starts with a fake email that appears to be from DocuSign. The email asks you to review and sign a document as soon as possible and contains an HTML attachment. Instead of an important document, the attachment is a blank SVG with malicious code. Because this code is hidden inside the attachment, the email can bypass security filters. If you download the attachment, the code will redirect you to a malicious website that will prompt you to enter sensitive information. If you enter this information, cybercriminals can use it for their own purposes.
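A defensive check for the attachment described above, added here as an example and not taken from the original notice: it finds SVG images embedded in an HTML attachment and flags those that carry active content while drawing nothing visible. The base64 data-URI embedding, the marker lists, and all names are assumptions of this example.

```python
import base64
import re
from html.parser import HTMLParser

# Heuristic markers (assumptions of this example, not an exhaustive list).
ACTIVE = re.compile(rb"<script|<foreignObject|\bon\w+\s*=|javascript:", re.I)
VISIBLE = re.compile(rb"<(path|rect|circle|ellipse|line|polygon|text|image|use)\b", re.I)
SVG_URI = re.compile(r"^data:image/svg\+xml[^,]*;base64,(.*)$", re.I | re.S)


class SvgCollector(HTMLParser):
    """Collects base64 SVG payloads referenced from any tag attribute."""

    def __init__(self):
        super().__init__()
        self.payloads = []

    def handle_starttag(self, tag, attrs):
        for _name, value in attrs:
            match = SVG_URI.match((value or "").strip())
            if not match:
                continue
            try:
                self.payloads.append(base64.b64decode(match.group(1)))
            except ValueError:  # binascii.Error: malformed base64
                self.payloads.append(b"")


def scan_attachment(html_text):
    """Return one verdict per embedded SVG: has active content? draws nothing?"""
    collector = SvgCollector()
    collector.feed(html_text)
    collector.close()
    return [
        {"active": bool(ACTIVE.search(svg)), "blank": not VISIBLE.search(svg)}
        for svg in collector.payloads
    ]


def _wrap(svg_bytes):
    # Build a constructed HTML attachment embedding the SVG as a data URI.
    b64 = base64.b64encode(svg_bytes).decode()
    return f'<html><body><embed src="data:image/svg+xml;base64,{b64}"></body></html>'


# Constructed samples; the script body is an inert placeholder.
SUSPICIOUS_HTML = _wrap(b'<svg xmlns="http://www.w3.org/2000/svg"><script>/* placeholder */</script></svg>')
BENIGN_HTML = _wrap(b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="9" height="9"/></svg>')

if __name__ == "__main__":
    print(scan_attachment(SUSPICIOUS_HTML))
    print(scan_attachment(BENIGN_HTML))
```

An SVG that is both `active` and `blank` is the combination worth quarantining for review; either flag alone also appears in legitimate files.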
Follow the tips below to stay safe from similar scams:
- Always think before you download an attachment. This type of cyberattack is designed to trick you into downloading attachments impulsively.
- Never click a link or download an attachment in an email that you aren’t expecting. While this attack targets DocuSign users, this scam could be used with any organization that manages electronic agreements.
- Enable multi-factor authentication (MFA) on your accounts when it is available. MFA adds an extra layer of security and lowers the chance of cybercriminals logging in to your account.
- To verify the legitimacy of an invoice/DocuSign attachment, reach out to the person who allegedly sent the email by phone or in person.
Stop, Look, & Think. Don’t be Fooled!
The HoyleCohen Cybersecurity Team