The share of HTML attachments assessed to be malicious has more than doubled, from 21% last May to almost 46% in March 2023, according to Barracuda.
The security vendor warned that, while Hypertext Markup Language (HTML) is often used for email newsletters, marketing materials and other types of content, it is also a popular tool for phishing, credential theft and other messaging threats.
“If a recipient opens the HTML file, a number of redirects through JavaScript libraries hosted elsewhere will take them to a phishing site or other malicious content controlled by the attackers. Users are then asked to enter their credentials to access information or download a file that may contain malware,” explained Barracuda CTO, Fleming Shi.
“However, in some cases seen by Barracuda researchers, the HTML file itself includes sophisticated malware which has the complete malicious payload embedded within it, including potent scripts and executables. This attack technique is becoming more widely used than those involving externally hosted JavaScript files.”
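A static triage pass for the two delivery styles described above (redirects through externally hosted script versus a payload embedded in the file itself) could look like the following. This is an added example, not Barracuda's detection logic; the patterns, thresholds, indicator names and sample documents are all assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Illustrative patterns and thresholds (assumptions, not a vendor's detection rules).
JS_REDIRECT = re.compile(r"\blocation(?:\.href)?\s*=(?!=)|\blocation\.(?:replace|assign)\s*\(")
B64_RUN = re.compile(r"[A-Za-z0-9+/]{1000,}={0,2}")          # long base64-like run
BLOB_API = re.compile(r"\bnew\s+Blob\s*\(|createObjectURL")  # in-browser file assembly
MAX_DATA_URI = 1000                                          # longest data: URI tolerated

class _Collector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self.scripts, self._in_script = set(), [], False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "script":
            self._in_script = True
            if re.match(r"(?i)(?:https?:)?//", a.get("src", "").strip()):
                self.findings.add("external_script")   # script fetched from another host
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.findings.add("redirect")
        elif tag == "input" and a.get("type", "").lower() == "password":
            self.findings.add("credential_form")
        if any(v.lower().startswith("data:") and len(v) > MAX_DATA_URI for v in a.values()):
            self.findings.add("embedded_payload")

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.scripts.append(data)   # inline script may arrive in several chunks

def triage(html: str) -> list:
    """Return sorted indicator names found in one HTML attachment body."""
    p = _Collector()
    p.feed(html)
    p.close()
    js = "".join(p.scripts)
    if JS_REDIRECT.search(js):
        p.findings.add("redirect")
    if B64_RUN.search(js) or BLOB_API.search(js):
        p.findings.add("embedded_payload")
    return sorted(p.findings)

# Constructed samples; the .invalid hosts are placeholders.
REDIRECTOR = ('<script src="https://cdn.example.invalid/a.js"></script>'
              '<script>window.location.href = "https://login.example.invalid/";</script>')
SELF_CONTAINED = '<script>var d = "' + "QUFB" * 300 + '"; new Blob([atob(d)]);</script>'
NEWSLETTER = '<h1>March update</h1><p>Read it <a href="https://example.invalid/n">online</a>.</p>'
```

Indicators like these are triage signals for routing an attachment to deeper analysis, since legitimate newsletters can also load external script or inline images.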
Shi claimed that HTML threats are increasingly being spread not by a limited number of mass campaigns, but by individual attacks.
“On March 7, there were 672,145 malicious HTML artifacts detected in total, comprising 181,176 different items. This means around a quarter (27%) of the detected files were unique and the rest were repeat or mass deployments of those files,” he said.
“However, on March 23, nearly nine in ten (85%) of the total 475,938 malicious HTML artifacts were unique – which means that nearly every single attack was different.”
This surge in activity means HTML attachments remain the most common malicious file type in email threats this year, Barracuda said.
“Getting the right security in place is as important now as it has ever been. This means having effective, AI-powered email security in place that can evaluate the content and context of an email beyond scanning links and attachments,” Shi argued.
“Other important elements include implementing robust multi-factor authentication or – ideally – zero trust access controls; having automated tools to respond to and remediate the impact of any attack; and training people to spot and report suspicious messages.”