Risky Bulletin Newsletter
May 26, 2025
Risky Bulletin: SVG use for phishing explodes in 2025
Presented by

News Editor
Over the course of the past six months, the SVG image format has become a favorite method of hiding and delivering malicious code for email phishing campaigns.
More than a dozen cybersecurity firms have now noted the rise in SVG payloads in their email security detections: AhnLab, Cloudflare, Forcepoint, Intezer, Kaspersky, Keep Aware, KnowBe4, Mimecast, Sophos, Sublime Security, Trustwave, and VIPRE.
In its Q1 2025 trends report, Sublime Security says SVG payloads now account for 1% of all phishing attempts the company sees.