Phishing campaigns involving QBot malware as payload have started using a new technique. Hackers are using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows systems. This particular activity allows them to stay under the radar and bypass security tools that scan for malicious files at the perimeter.