According to Barracuda, the proportion of HTML attachments considered malicious has more than doubled, from 21% last May to nearly 46% in March 2023.
The security vendor warned that while Hypertext Markup Language (HTML) is commonly used for email newsletters, marketing materials and other types of content, it is also a popular tool for phishing, credential theft and other messaging threats.
“If a recipient opens the HTML file, various redirects using JavaScript libraries hosted elsewhere will take them to a phishing site or other malicious content controlled by the attackers. Users are then prompted to enter their credentials to access the information or download a file that may contain malware,” explained Barracuda CTO Fleming Shi.
“However, in some cases seen by Barracuda researchers, the HTML file itself contains sophisticated malware that has the full malicious payload embedded, including powerful, executable scripts. This attack technique is being used more widely than those involving externally hosted JavaScript files.”
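A static triage pass over an HTML attachment can surface both styles described above: scripts pulled from elsewhere with redirects, and payloads embedded in the file itself. This is an added example, not Barracuda's code or detection logic; the indicator names, the 400-character threshold and the sample strings are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse
# Heuristics assumed for illustration; not Barracuda's detection logic.
SCRIPT_RULES = {
    "js-redirect": re.compile(r"location(\.href)?\s*=|location\.(replace|assign)\s*\(", re.I),
    "dynamic-js": re.compile(r"\b(atob|eval|unescape)\s*\(|document\.write\s*\(", re.I),
    "embedded-blob": re.compile(r"[A-Za-z0-9+/]{400,}"),  # long encoded run in a script
}

def is_remote(url):
    return bool(url) and (url.startswith("//") or urlparse(url).scheme in ("http", "https"))

class AttachmentTriage(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self.in_script, self.form_remote = set(), False, False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "script":
            self.in_script = True
            if is_remote(a.get("src")):
                self.findings.add("remote-script")
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.findings.add("meta-refresh")
        elif tag == "form":
            self.form_remote = is_remote(a.get("action"))
        elif tag == "input" and a.get("type", "").lower() == "password":
            self.findings.add("credentials-posted-remotely" if self.form_remote else "password-field")

    def handle_endtag(self, tag):
        self.in_script = self.in_script and tag != "script"
        self.form_remote = self.form_remote and tag != "form"

    def handle_data(self, data):
        if self.in_script:  # inline script bodies arrive here as raw text
            self.findings.update(n for n, rx in SCRIPT_RULES.items() if rx.search(data))

def triage(html_text):
    """Return the sorted list of indicator names found in one HTML attachment."""
    parser = AttachmentTriage()
    parser.feed(html_text)
    parser.close()
    return sorted(parser.findings)

# Constructed samples (not real attachments): redirect style, then embedded style.
SAMPLE_REDIRECT = ('<script src="https://cdn.example.invalid/lib.js"></script>'
                   '<script>window.location.href="https://login.example.invalid/";</script>')
SAMPLE_EMBEDDED = '<script>var d = atob("' + "QUFB" * 150 + '");</script>'
```

Findings are indicators for scoring or analyst review rather than verdicts, since legitimate newsletters also load remote scripts.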
Shi stated that HTML threats are becoming more widespread not because of a limited number of mass campaigns, but because of individual attacks.
“As of March 7, a total of 672,145 malicious HTML artifacts were detected, comprising 181,176 different elements. This means that around a quarter (27%) of the detected files were unique and the rest were repeated or mass deployments of these files,” he said.
“However, on March 23, almost nine out of ten (85%) of the total 475,938 malicious HTML artifacts were unique, meaning that almost all attacks were different.”
This increase in activity means HTML attachments remain the most common malicious file type in email threats this year, Barracuda said.
“Getting security right is as important now as it’s ever been. That means having effective AI-powered email protection that can evaluate the content and context of an email beyond scanning links and attachments,” Shi argued.
“Other important elements include implementing robust multi-factor authentication or, ideally, zero-trust access controls; having automated tools to respond to and remediate the impact of any attack; and training people to detect and report suspicious messages.”