Phishing attacks rise as Microsoft Visio files become new tool for cybercriminals

Security researchers have found a rise in phishing attacks using Microsoft Visio files, specifically .vsdx format. This method allows attackers to hide malicious links within Visio documents, making them less likely to be flagged by security systems. The attacks typically involve compromised email accounts sending legitimate-looking emails with Visio file attachments. Users are tricked into clicking links that lead to fake Microsoft login pages, where their credentials can be stolen. This trend marks a shift from traditional phishing methods, as attackers increasingly exploit trusted platforms like SharePoint and Visio. Microsoft has acknowledged this issue, highlighting the need for users to be vigilant and adopt stronger security practices.