Cybercriminals may be getting more sophisticated by the day, but simple HTML file distribution still remains one of the most popular tactics, new research shows.
According to telemetry data from cybersecurity company Kaspersky, in the first four months of 2022, there were more than two million malicious emails carrying weaponized HTML files.
March 2022 was the most active month of the year so far for this type of attack, with 851,000 detections. Last month saw just 387,000 detections, although Kaspersky says this could just be a “momentary shift”, and doesn’t necessarily suggest a shift in the wider trend.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.
Popular attack vector
HTML owes its popularity among cybercriminals to its effectiveness against antispam engines and other cybersecurity measures. Short for HyperText Markup Language, it is the standard markup language for web pages and other documents designed to be displayed in a web browser.
When weaponized, HTML files can redirect users to malicious sites, have them download malware or viruses, and locally display various phishing forms.
As the language itself cannot be deemed malicious, it hardly gets detected by email security solutions, either.
Email continues to be one of the most popular attack vectors for cybercriminals. It’s widespread and cheap, making it an ideal tool for the distribution of spyware, ransomware, and other malware, as well as phishing attacks.
Cybersecurity researchers are warning users to always be suspicious of incoming emails, especially when they carry links or attachments. Even if the email security solution installed on the device does not trigger a warning, HTML attachments should be treated as suspicious.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.