Highlights
A cunning new email scam uses blank images and a trusted brand name to lead you and your people to download malware. Fall victim and you risk losing your data
Another day, another scam. And this is a sneaky one.
Cyber criminals are getting smarter. This recent malware threat is unusually smart. It impersonates a highly trusted brand name to get a foot in the door.
Targets receive a convincing looking email that appears to come from a widely used e-signature platform.
Attached to the email is a blank image that’s loaded with empty svg files, which are carefully encoded inside an HTML file attachment (stay with us here).
In short, it’s very clever and it’s tricking its way past a lot of security software.
That puts businesses like yours at risk. Because code within the image sends people to a malicious URL.
Open the attachment and you could unwittingly install malware onto your device – or even your network – which risks exposing your data and leaving you open to a ransomware attack.
Recently, there’s been a wave of HTML attachment attacks on small and medium sized businesses, so it’s clear that companies need to take action to stay ahead of the criminals.
If you use software to sign documents electronically, double-check that emails are genuine before opening any attachments.
There’s a reason why the criminals have chosen to impersonate a trusted name.
Taking things a step further, you could block all emails with this type of attachment, to prevent employees from being exposed to scam emails in the first place.
If you’d like any further advice, or help implementing extra security measures, get in touch.
Tell us about yourself so we can serve you best.
Got a question?
More articles
.png)
This special edition of our Leading London series brings together the partners behind the rollout of the City of London Corporation’s new unified network, a major upgrade designed to strengthen public services and improve connectivity across the Square Mile and beyond.
The panel included:
- Sam Collins, Assistant Director of Digital and Data, City of London Corporation
- Chelsea Chamberlin, Chief Technology Officer, Roc Technologies
- Scott McKinnon, Chief Security Officer, Palo Alto Networks
- Rhod Morgan, Chief Operations Officer, Vorboss
- Elliot Townsend, Senior Director, Juniper Networks
- Christa Elizabeth Norton, Marketing Director, Roc Technologies
Together, they explored how the new network will improve public services, strengthen cyber resilience and support a more connected, future-ready City.
For many landlords and building managers, the word “wayleave” feels like the responsible route whenever a fibre circuit is being installed on their property. It sounds formal and safe – a neat legal box to tick.
In many cases, however, a wayleave adds unnecessary complexity and delays, frustrates tenants, and can expose landlords to long-term legal risks.
At Vorboss, we’ve connected thousands of office spaces across London without a wayleave, keeping landlords in full control and getting tenants online faster.
What is a wayleave?
A wayleave is a written agreement between a landowner and a telecoms operator. It gives the operator permission to install and keep equipment on private property.
What many people don’t realise is that signing a wayleave also activates “Code rights” under the Electronic Communications Code. These rights go beyond simple permission, they give the operator legal powers to stay on the property indefinitely, access it when needed, and even refuse removal of their equipment in certain situations.
For a typical connection into a commercial building in London, a wayleave can make the fibre installation process slower, more expensive, and limit the landlord’s flexibility long term.
Why a wayleave isn’t required for standard in-building fibre connections
For a standard in-building fibre connection serving a tenant, a wayleave isn’t a legal requirement. Important protections, like building access, fire safety, repairing any damage, and removing equipment, are already covered by the tenant’s lease and usual building rules.
If no wayleave is signed, no Code rights are triggered, meaning the landlord retains full control and the installation exists under a simple, fully revocable licence.
In practice, this gives landlords far more protection and flexibility:
- No legal lock-in – the telecoms operator has no long-term rights to stay or refuse removal.
- Landlords keep full control – equipment can be moved or removed when the building changes.
- Faster fibre installation – no time lost in drafting contracts or solicitor reviews.
- Happier tenants – connections go live quicker; tenants get to move in faster.
By contrast, signing a wayleave and granting Code rights introduces a complex and expensive legal process for any fibre removal or relocation. This can take at least 18 months, plus potential court or tribunal proceedings, making it slower, and far less flexible for the landlord.
.avif)
.avif)
