There is a rise in the usage of a phishing technique that tricks the user into thinking that an image of the attached file can be quickly opened in snapshot mode. But in fact, it is an attack.
How it works.
The user receives a mail with some information regarding the file image. By embedding the image into the mail, the attacker tricks the user into thinking that a simple click on the image will allow him to open it in snapshot mode without downloading the file or image itself. A common interaction in Office 365 and G-Mail. However, as soon as he clicks on the file it opens an instant download page hiding behind the image and immediately starts downloading the malicious file.
Both of these examples evade mainstream email security solutions as they are deeply embedded into hidden layers. Perception Point sees these attacks thanks to our Recursive Unpacker, which extracts out each layer to be analyzed separately by our engines.