Microsoft Visio Files Used in Sophisticated Phishing Attacks

"A surge in two-step phishing attacks leveraging Microsoft Visio files has been identified by security researchers, marking a sophisticated evolution in phishing tactics.

Discovered by Perception Point, the new attacks use Visio’s .vsdx format, a file type commonly employed for business diagrams, to disguise malicious URLs and bypass traditional security scans.

Microsoft Visio, often used for flowcharts and network diagrams, has now become a tool of deception in phishing campaigns. Attackers exploit the platform by embedding URLs within Visio files. The tactic takes advantage of users’ trust in Microsoft tools and creates a covert way to bypass security systems.

Unlike common attachments like PDFs or Word documents, Visio files are rarely flagged as threats, making them an ideal vehicle for delivering phishing links."

See more: https://www.infosecurity-magazine.com/news/microsoft-visio-files-phishing/

#cybersecurity #phishing