Payment Confirmation

Always be wary of unexpected or unsolicited emails that contain attachments as they may contain malware. The vagueness and generic nature of this message should be a red flag and may be a ploy to get you to click on the attachment. Since the message does not address the recipient by name and provides no information about the supposed payment, it’s likely that it was a mass mailout and therefore not a legitimate invoice.

If you’re inclined to think that the attachment should be harmless because SVG is an image format, think again! SVG files can actually contain embedded scripts, meaning they can be laced with malware, which is definitely the case for this sample. If you clicked on this attachment, contact the Computer Help Desk or your department’s IT support staff immediately for assistance.

Vague email claiming to be an invoice but the SVG attachment actually contains malware

From: allen.lopez@o******.com
Subject: Payment Confirmation

Attachment: [Generic file icon] RTVBAS05GDBA09.svg (2 KB)

Payment Received, attached is your invoice.