Cybersecurity researchers are sounding the alarm over an evolution in phishing tactics. A new form of two-step phishing attack (2SP) uses Microsoft Visio (.vsdx) files to evade detection and steal credentials, according to a report by security firm Perception Point. These attacks, leveraging trusted platforms and “harmless familiarity,” are targeting hundreds of organizations globally.
The attack starts with hackers using compromised email accounts to send phishing emails that bypass basic security checks. These emails often include business proposals or purchase orders with an urgent request to respond. The victim is then directed to a compromised Microsoft SharePoint page hosting a seemingly innocuous Visio file. However, clicking on the file reveals another embedded URL leading to a malicious payload or phishing site.
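Because a .vsdx file is an OPC zip package, the embedded URL that the second step relies on can be pulled out and checked before anyone opens the file. The scanner below is an added example, not code from Perception Point or the article; it assumes Visio stores hyperlinks as `Cell N="Address"` entries in a page's `Hyperlink` section and marks outbound links in `.rels` parts with `TargetMode="External"`, and it uses a constructed sample package rather than a real attachment.

```python
# Added example (not from the article or Perception Point): list hyperlink
# targets embedded in a .vsdx and flag those outside an allowlist.
# Assumption: .vsdx is an OPC zip; Visio page XML carries
# <Section N="Hyperlink"><Row><Cell N="Address" V="..."/></Row></Section>
# and .rels parts mark outbound links with TargetMode="External".
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

def _local(tag):
    # Strip the XML namespace so matching does not depend on the schema URI.
    return tag.rsplit('}', 1)[-1]

def extract_vsdx_links(data: bytes) -> list:
    """Return every hyperlink target found anywhere in the package."""
    links = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if not name.endswith(('.xml', '.rels')):
                continue
            for el in ET.fromstring(zf.read(name)).iter():
                tag = _local(el.tag)
                # Hyperlink row in Visio page XML (Address cell of the Hyperlink section)
                if tag == 'Cell' and el.get('N') == 'Address' and el.get('V'):
                    links.append(el.get('V'))
                # External relationship target in a *.rels part
                elif tag == 'Relationship' and el.get('TargetMode') == 'External':
                    links.append(el.get('Target'))
    return links

def flag_links(links, allowed_hosts):
    """Return links whose host is not on the allowlist (assumed local policy)."""
    return [u for u in links if urlparse(u).hostname not in allowed_hosts]

def build_sample() -> bytes:
    """Constructed minimal .vsdx with two links; not a real Visio document."""
    page_xml = ('<PageContents xmlns="http://schemas.microsoft.com/office/visio/2012/main">'
                '<Shapes><Shape ID="1"><Section N="Hyperlink"><Row N="Row_1">'
                '<Cell N="Address" V="https://intranet.example.com/po"/>'
                '</Row></Section></Shape></Shapes></PageContents>')
    rels_xml = ('<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
                '<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink"'
                ' Target="https://login-page.example.net/view" TargetMode="External"/></Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, 'w') as zf:
        zf.writestr('visio/pages/page1.xml', page_xml)
        zf.writestr('visio/pages/_rels/page1.xml.rels', rels_xml)
    return buf.getvalue()

if __name__ == '__main__':
    print(flag_links(extract_vsdx_links(build_sample()), {'intranet.example.com'}))
```

Run at the mail gateway or in a sandbox, the flagged list gives an analyst the second-stage URL without anyone having to open the diagram.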
Researchers noted a “dramatic increase” in attacks of this type. Ariel Davidpur, a security researcher at Perception Point, emphasized that these attacks represent “a sophistication of two-step phishing tactics,” exploiting user trust while adding new layers of deception to avoid detection.
To mitigate risk, experts advise against Ctrl-clicking embedded links, or opening files and URLs, that come from unknown or suspicious sources. Strengthening email account security, such as enabling multi-factor authentication (MFA), is critical to stopping these attacks.
As phishing tactics evolve, cybersecurity professionals emphasize the need for vigilance and layered defensive strategies to stay ahead of increasingly sophisticated threats.
Sources include: Perception Point, *Forbes*.