245% Increase In SVG Files Used To Obfuscate Phishing Payloads
KnowBe4, Monday, March 17th, 2025
The KnowBe4 Threat Research team has observed a sustained increase in the use of Scalable Vector Graphics (SVG) files to obfuscate malicious payloads.
SVGs are vector based, rather than pixel-based like PNGs and JPGs. This means the graphic elements can be scaled up without loss of quality - making them perfect for sharing graphics, such as logos and icons, via email.
In a now well-established pattern (think QR codes and quishing attacks), cybercriminals are attempting to take advantage of the growing use of this file type, hoping familiarity will lead to complacency in the targets of their phishing attacks.