Infographic depicting AI-powered phishing: flowchart of compromised email distribution with BCC hiding, SVG file "23mb – PDF- 6 pages.svg" icon morphing into invisible business dashboard (zero-opacity charts with "revenue," "operations" labels), AI code g

Cybercriminals are harnessing AI to supercharge phishing attacks, as revealed in a recent campaign targeting US organizations. Security researchers at Microsoft uncovered this sophisticated operation, where threat actors use AI-generated code to obscure malicious payloads in documents mimicking legitimate business analytics. This tactic exploits the same AI tools defenders rely on, marking a dangerous convergence in the cyber threat landscape and evading traditional detection methods.


The campaign spreads via compromised small business email accounts, sending self-addressed phishing messages with hidden BCC recipients to dodge filters. Emails pose as file-sharing alerts, luring users to open attachments like “23mb – PDF- 6 pages.svg,” an SVG file disguised as a PDF. SVGs' text-based, scriptable nature allows embedding JavaScript and dynamic content, enabling credential theft while appearing as harmless graphics.


The innovation lies in AI-driven obfuscation: rather than encrypting the payload, the attackers hide it in code dressed up as business jargon. The SVG poses as a Business Performance Dashboard, with invisible charts (zero opacity) and labels like “revenue,” “operations,” and “risk” concatenated into hidden attributes. This verbosity and complexity, deemed non-human by Microsoft Security Copilot, masks the payload, fooling analysts and antivirus tools alike.
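A static triage check for the SVG traits described above: a name that claims to be a PDF, scriptable content, zero-opacity elements, and attributes stuffed with a small repeated vocabulary. This is an added example, not code from Microsoft or from the campaign; the sample SVG, the `data-series` attribute name, the finding codes and the thresholds are constructed assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample modelled on the lure described above; not the real attachment.
SAMPLE_NAME = "23mb – PDF- 6 pages.svg"
SAMPLE_SVG = """<svg xmlns="http://www.w3.org/2000/svg" width="400" height="200">
  <title>Business Performance Dashboard</title>
  <g opacity="0"><rect width="50" height="90"/></g>
  <text style="fill:#000; opacity: 0.0"
        data-series="revenue operations risk revenue risk operations risk revenue">Q3</text>
  <script type="text/javascript">/* inert placeholder */</script>
</svg>"""

def _zero(value):
    try:
        return float(value) == 0.0
    except (TypeError, ValueError):
        return False

def _invisible(el):
    decls = (d.split(":", 1) for d in el.get("style", "").split(";") if ":" in d)
    style = {k.strip().lower(): v.strip() for k, v in decls}
    return _zero(el.get("opacity")) or _zero(style.get("opacity"))

def triage_svg(filename, data, min_tokens=6, max_distinct_ratio=0.5):
    """Static checks only; returns sorted finding codes. Thresholds are assumptions."""
    found, name = set(), filename.lower()
    if name.endswith(".svg") and re.search(r"\b(pdf|docx?|xlsx?)\b", name[:-4]):
        found.add("name-claims-other-format")
    if re.search(r"<!(DOCTYPE|ENTITY)", data, re.I):
        return sorted(found | {"dtd-present-not-parsed"})  # avoid entity expansion
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return sorted(found | {"malformed-xml"})
    for el in root.iter():
        tag = el.tag.rsplit("}", 1)[-1].lower()  # drop the XML namespace prefix
        if tag in ("script", "foreignobject"):
            found.add("active-content")
        if _invisible(el):
            found.add("zero-opacity-element")
        for key, value in el.attrib.items():
            attr = key.rsplit("}", 1)[-1].lower()
            words = re.findall(r"[a-z]{3,}", value.lower())  # word-like tokens only
            if attr.startswith("on") or value.strip().lower().startswith("javascript:"):
                found.add("active-content")
            if len(words) >= min_tokens and len(set(words)) / len(words) <= max_distinct_ratio:
                found.add("repetitive-word-attribute")  # many tokens, tiny vocabulary
    return sorted(found)
```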
 
NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Z Plus Security.