The share of HTML attachments assessed to be malicious has more than doubled, from 21% last May to almost 46% in March 2023, according to Barracuda.
The security vendor warned that, while Hypertext Markup Language (HTML) is commonly used for email newsletters, marketing materials and other types of content, it is also a popular tool for phishing, credential theft and other messaging threats.
“If a recipient opens the HTML file, multiple redirects via JavaScript libraries hosted elsewhere will take them to a phishing site or other malicious content controlled by the attackers. Users are then asked to enter their credentials to access information or download a file that may contain malware,” explained Barracuda CTO, Fleming Shi.
“However, in some cases seen by Barracuda researchers, the HTML file itself includes sophisticated malware which has the complete malicious payload embedded within it, including potent scripts and executables. This attack technique is becoming more widely used than those involving externally hosted JavaScript files.”
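As an added illustration (not Barracuda's code or detection logic), a static triage pass over an HTML attachment can flag the two patterns described above: externally hosted scripts with script-driven redirects, and large payloads embedded in the file itself. The indicator names, thresholds and sample documents are assumptions constructed for this example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Long base64 runs suggest a payload carried inside the file itself (threshold is an assumption).
EMBEDDED_BLOB = re.compile(r"[A-Za-z0-9+/]{512,}={0,2}")
# Script-driven navigation away from the opened attachment.
JS_REDIRECT = re.compile(r"location(\.href)?\s*=|location\.(replace|assign)\(")

class AttachmentTriage(HTMLParser):
    """Collects static indicators from one HTML attachment (heuristics, not a verdict)."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = set()
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "script":
            self._in_script = True
            if urlparse(a.get("src", "")).netloc:  # script hosted on another host
                self.findings.add("external-script")
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.findings.add("meta-refresh")
        elif tag == "input" and a.get("type", "").lower() == "password":
            self.findings.add("password-field")
        if any(v.startswith("data:") and len(v) > 512 for v in a.values()):
            self.findings.add("embedded-blob")

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script and JS_REDIRECT.search(data):
            self.findings.add("js-redirect")
        if self._in_script and EMBEDDED_BLOB.search(data):
            self.findings.add("embedded-blob")

def triage(html_text):
    parser = AttachmentTriage()
    parser.feed(html_text)
    parser.close()
    return sorted(parser.findings)

# Constructed samples: a redirecting attachment and one carrying an inline blob.
SAMPLE_REDIRECT = ('<script src="https://cdn.example.test/lib.js"></script>'
                   '<script>window.location.href = "https://login.example.test/";</script>')
SAMPLE_EMBEDDED = '<script>var p = "' + "QUJD" * 200 + '";</script>'
```

Legitimate newsletters also load external scripts, so these indicators are inputs to scoring or analyst review rather than a block decision on their own.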
Shi claimed that HTML threats are increasingly being spread not by a limited number of mass campaigns, but by individual attacks.
“On March 7, there were 672,145 malicious HTML artifacts detected in total, comprising 181,176 different items. This means that around a quarter (27%) of the detected files were unique and the rest were repeat or mass deployments of those files,” he said.
“However, on March 23, almost nine in ten (85%) of the total 475,938 malicious HTML artifacts were unique – which means that almost every single attack was different.”
This surge in activity means HTML attachments remain the most common malicious file type in email threats this year, Barracuda said.
“Getting the right security in place is as important now as it has ever been. This means having effective, AI-powered email security in place that can evaluate the content and context of an email beyond scanning links and attachments,” Shi argued.
“Other important elements include implementing robust multi-factor authentication or – ideally – zero trust access controls; having automated tools to respond to and remediate the impact of any attack; and training people to spot and report suspicious messages.”