Be Vigilant – Microsoft Visio Files are now a tool in Advanced Phishing Attacks
A recent surge in sophisticated phishing tactics using Microsoft Visio files (.vsdx format) has been flagged by cyber security experts as a concerning development in the ongoing battle against digital threats, which has only heightened the requirement for companies to be vigilant and invest in Managed Security Awareness Training. Researchers discovered this novel approach, where attackers leverage the Visio platform, widely used for business diagrams and flowcharts, to embed malicious URLs that bypass traditional security measures. Here’s what to look out for to avoid falling victim to a Microsoft Visio related Phishing Attack.
Exploiting Familiar Tools: Visio as a Phishing Vector
Microsoft Visio files, trusted for diagramming and network mapping, are rarely flagged suspicious by email security filters. Attackers now embed phishing links within these Visio files, often delivered through email attachments or links. Using user familiarity with Microsoft tools, attackers effectively disguise phishing links within trusted formats to avoid detection.
How the Microsoft Visio Phishing Attack Works
The attack typically unfolds in a multi-step process:
- Compromised Accounts: Attackers use compromised accounts to send phishing emails, bypassing security checks due to the trusted source.
- Email Content: Recipients receive emails with .vsdx, or .eml file attachments, mimicking legitimate documents like proposals or invoices.
- File Delivery: The email directs users to a SharePoint page where they download the Visio file, which often bears authentic branding from the compromised organisation.
- Embedded Link in Visio: Attackers include a disguised “View Document” button inside the Visio file that prompts users to press Ctrl + Click, bypassing automated security tools. Once clicked, users are redirected to a fake Microsoft login page, where their credentials are stolen.
The Growing Trend of Phishing with Trusted Platforms
According to researchers, these Microsoft Visio based phishing attacks represent a trend of attackers using widely trusted platforms, like SharePoint and Visio, to create increasingly sophisticated, multi-layered phishing schemes. Microsoft has acknowledged the rise in phishing attacks utilising its products, urging increased user vigilance.
Recommended Cyber Security Measures
To defend against such threats, cyber security experts recommend several proactive measures:
- Sender Verification: Always verify the sender’s identity before opening attachments, especially unusual file types like Visio.
- Multi-Factor Authentication (MFA): Enable MFA to add a layer of security against unauthorised access.
- Cybersecurity Training: Regularly train staff on recognising phishing tactics to build a security-conscious workforce.
- Advanced Email Security Solutions: Deploy email security tools that monitor for uncommon file types and detect phishing attempts embedded in less traditional attachments.
As phishing tactics evolve, maintaining awareness and adopting robust cyber security practices are vital in safeguarding against these sophisticated threats.
