HTML Attachments: Increased Security Risk – What You Should Know

According to a new report from Barracuda, a growing number of emails are being loaded with malicious or harmful HTML attachments. The report found that almost half (46%) of HTML attachments in emails scanned by Barracuda were found to be malicious. The Hypertext Markup Language (HTML) is increasingly being used in phishing, credential theft, and other forms of cyberattacks. If a recipient opens the HTML file, they will be redirected via JavaScript libraries hosted elsewhere to a phishing site or other malicious content controlled by the attackers. Users are then asked to enter their credentials to access information or download a file that may contain malware. In some cases, the HTML file itself includes sophisticated malware with the complete malicious payload embedded within it, including potent scripts and executables. This attack technique is becoming more widely used than those involving externally hosted JavaScript files.

The CTO of Barracuda, Fleming Shi, said that the HTML threats are being distributed via countless individual attacks, rather than a handful of mass events. On March 7, there were 672,145 malicious HTML artifacts detected in total, comprising 181,176 different items. This means that around a quarter (27%) of the detected files were unique and the rest were repeat or mass deployments of those files. However, on March 23, almost nine in ten (85%) of the total 475,938 malicious HTML artifacts were unique – which means that almost every single attack was different.

The figures are pointing to HTML attachments remaining one of the most common ways to deliver malware through email. The blog concludes that it’s pivotal for businesses to have the right security solutions set up. This means having effective, AI-powered email protection in place that can evaluate the content and context of an email beyond scanning links and attachments.

Multi-factor authentication, zero-trust access controls, as well as automation in response and attack remediation, is also essential to any organization’s cybersecurity tech stack, right next to employee training, Shi concluded.