Uptick in Phishing Attempts via XPS file extensions
We’ve seen it time after time, malicious actors routinely attempt to confuse recipients of messages with obscure or lesser-utilized file extensions.
Over the past month, some phishing attempts using xps files instead of the typical pdf or doc/docx formats have been captured by our filters. The xps file format is Microsoft’s alternative to pdf files. Windows machines with Vista or later operating systems natively support this extension with Windows xps file viewer. Actors have started taking advantage of this lesser-utilized format for their phishing campaigns.