A growing number of emails are arriving loaded with malicious or harmful HTML attachments, new research has warned.
A report from Barracuda found almost half (46%) of HTML attachment in emails it scanned was found to be malicious. Barracuda says the Hypertext Markup Language (HTML) is growing increasingly popular in phishing, credential theft, and other forms of cyberattacks.
Protecting your business from the biggest threats online
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.
Preferred partner (What does this mean?)
The CTO also said that the HTML threats are being distributed via countless individual attacks, rather than a handful of mass events.
“On March 7, there were 672,145 malicious HTML artifacts detected in total, comprising 181,176 different items. This means that around a quarter (27%) of the detected files were unique and the rest were repeat or mass deployments of those files,” Shi said. “However, on March 23, almost nine in ten (85%) of the total 475,938 malicious HTML artifacts were unique – which means that almost every single attack was different.”
The figures are pointing to HTML attachments remaining one of the most common ways to deliver malware through email, the blog concludes, saying that it’s pivotal for businesses to have the right security solutions set up. “This means having effective, AI-powered email protection in place that can evaluate the content and context of an email beyond scanning links and attachments,” it was said.
Multi-factor authentication, zero-trust access controls, as well as automation in response and attack remediation, is also essential to any organization’s cybersecurity tech stack, right next to employee training, Shi concluded.
- Check out the best endpoint security tools right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.