The Rise of XHTML Attachment in Phishing Emails
Attackers have commonly use HTML attachments for phishing due to its capability of designing a webpage. They would need a webpage in order to mimic login pages of well-known companies, which in turn will trick the user to input their credentials thinking that they are in a legitimate website. However, we have recently observed that more attackers now use .xhtml to substitute for the usual html attachments.
Inside .xhtml attachment: