Hackers are using files for Microsoft Visio to trick computer users into visiting phishing sites. These emails often appear to come from a real sender’s address but contain malicious attachments with links to compromised Sharepoint environments. The attackers then use these links to lure victims to fake Microsoft 365 login pages.
According to cybersecurity expert Perception Point, this two-step attack involves sending emails with Visio files attached that include links to phishing sites. The goal is to make the email seem trustworthy by using legitimate-looking subject lines and sender addresses. These emails often contain instructions to click on a button while holding down the control key, which helps hackers determine if the link is being opened by a human or a bot.
The phishing scheme relies on fake Microsoft Visio documents that mimic the company’s corporate identity. The documents may include buttons with links that lead to malicious websites. Once victims enter their login credentials on these sites, they are captured by the attackers.
Source: https://www.techzine.eu/news/security/126122/hackers-use-visio-files-to-spread-phishing-links