Microsoft Flags AI-Powered Phishing Campaign Using LLMs and Obfuscated SVG Files

Microsoft has raised the alarm over a sophisticated phishing campaign targeting U.S.-based organizations, believed to use large language models (LLMs) to conceal malicious code and evade traditional security defenses. Detected on August 28, 2025, the campaign illustrates how threat actors are increasingly integrating artificial intelligence tools into phishing operations to craft convincing lures, automate malware obfuscation, and generate code that mimics legitimate content.

“Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and a synthetic structure to disguise its malicious intent,” Microsoft’s Threat Intelligence team noted. The attackers exploited compromised business email accounts to send phishing messages masquerading as file-sharing notifications, tricking users into opening what appeared to be a PDF but was actually a Scalable Vector Graphics (SVG) file.

“SVG files (Scalable Vector Graphics) are attractive to attackers because they are text-based and scriptable, allowing them to embed JavaScript and other dynamic content directly within the file,” Microsoft explained. Features like invisible elements, encoded attributes, and delayed script execution make SVG files ideal for evading static analysis and sandboxing. Once opened, the file redirects victims to a CAPTCHA page and eventually to a fake login page to harvest credentials.

Microsoft highlighted the unusual obfuscation approach, in which business-related language is used to disguise malicious intent. “First, the beginning of the SVG code was structured to look like a legitimate business analytics dashboard,” the company said. “This tactic is designed to mislead anyone casually inspecting the file, making it appear as if the SVG’s sole purpose is to visualize business data. In reality, though, it’s a decoy.” Key functions and variables were named with terms such as revenue, operations, risk, quarterly, growth, or shares, further hiding the payload’s true purpose.

Security analysis using Microsoft Security Copilot confirmed the complexity and atypical structure of the code: “Not something a human would typically write from scratch due to its complexity, verbosity, and lack of practical utility.” Indicators included overly descriptive function names, highly modular and over-engineered structure, verbose comments, and formulaic obfuscation techniques.
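The SVG traits described above (embedded script, invisible elements, encoded attributes, delayed execution, decoy business naming) can be checked statically before an attachment ever reaches a user. The following is an added example written for this article, not Microsoft's tooling or any code from the campaign: a hypothetical `triage_svg` helper that counts those traits in a constructed "quarterly revenue dashboard" sample with an inert script block.

```python
import re
import xml.etree.ElementTree as ET

# Hypothetical triage helper (not Microsoft's tooling): counts the static traits the
# article attributes to weaponized SVGs. A heuristic signal, not a verdict.
def triage_svg(svg_text: str) -> dict:
    hits = {"script_elements": 0, "event_handlers": 0, "javascript_uri": 0,
            "hidden_elements": 0, "delayed_exec": 0, "encoded_blobs": 0}
    for el in ET.fromstring(svg_text).iter():
        tag = el.tag.split("}")[-1].lower()           # drop the XML namespace prefix
        if tag == "script":
            hits["script_elements"] += 1
            body = el.text or ""
            # setTimeout/setInterval keep a payload dormant past sandbox timeouts
            hits["delayed_exec"] += len(re.findall(r"set(?:Timeout|Interval)\s*\(", body))
            # atob() or long base64 runs point at an encoded second stage
            hits["encoded_blobs"] += len(re.findall(r"atob\s*\(|[A-Za-z0-9+/]{60,}={0,2}", body))
        style = el.get("style", "").replace(" ", "").lower()
        if (el.get("opacity") == "0" or el.get("visibility") == "hidden"
                or "display:none" in style or "visibility:hidden" in style):
            hits["hidden_elements"] += 1              # invisible carrier for the script
        for name, value in el.attrib.items():
            lname = name.split("}")[-1].lower()
            if lname.startswith("on"):                # onload=, onclick=, ... execute JS
                hits["event_handlers"] += 1
            if lname == "href" and value.strip().lower().startswith("javascript:"):
                hits["javascript_uri"] += 1
    return hits

def is_suspicious(hits: dict) -> bool:
    """An image attachment has no business carrying executable content at all."""
    return any(hits[k] for k in ("script_elements", "event_handlers", "javascript_uri"))

# Constructed sample: a "quarterly revenue" dashboard decoy carrying a hidden, delayed script
SAMPLE_SVG = """<svg xmlns="http://www.w3.org/2000/svg" width="400" height="200" onload="renderQuarterlyGrowth()">
  <rect id="revenueQ1" x="10" y="40" width="40" height="120" fill="#4a90d9"/>
  <rect id="revenueQ2" x="60" y="20" width="40" height="140" fill="#4a90d9"/>
  <text x="10" y="190">Quarterly Revenue Growth</text>
  <g style="display: none">
    <script><![CDATA[
      function renderQuarterlyGrowth() {
        setTimeout(function () {
          var operationsRiskShares = atob("QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB");  // constructed filler, not a payload
        }, 4000);
      }
    ]]></script>
  </g>
</svg>"""
```

Run `triage_svg(SAMPLE_SVG)` to see the per-trait counts; a mail gateway would typically quarantine on `is_suspicious()` and log the counts for the analyst.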

While the campaign was effectively blocked, Microsoft warned that such AI-assisted phishing techniques are increasingly common. Similar campaigns have leveraged malicious attachments, obfuscated scripts, and social engineering lures targeting government agencies and corporate victims to deploy malware like XWorm RAT, Lone None Stealer, and PureLogs Stealer.

“While this campaign was limited in scope and effectively blocked, similar techniques are increasingly being leveraged by a range of threat actors,” Microsoft said, urging organizations to remain vigilant against evolving phishing threats.
