Barracuda Networks has released a new Threat Spotlight that shows how, in March, 2023 just under half (45.7%) of all HTML attachments scanned by Barracuda were malicious, more than double the proportion (21%) reported in May 2022. Barracuda researchers analyzed many millions of messages and files scanned by Barracuda’s security technologies.
HTML stands for Hypertext Markup Language, and it is used to create and structure content that is displayed online. It is also used in email communication – for example in automated newsletters, marketing materials, and more. In many cases, reports are attached to an email in HTML format (with the file extension .html, .htm or .xhtml, for example). Attackers can successfully leverage HTML as an attack technique in phishing and credential theft or for the delivery of malware.
The analysis further shows that not only is the overall volume of malicious HTML attachments increasing, nearly a year on from our last report, HTML attachments remain the file type most likely to be used for malicious purposes.
“The security industry has been highlighting the cybercriminal weaponizing HTML for years – and evidence suggests it remains a successful and popular attack tool,” said Fleming Shi, Chief Technology Officer, Barracuda. “Getting the right security in place is as important now as it has ever been. This means having effective, AI-powered email protection in place that can evaluate the content and context of an email beyond scanning links and attachments. Other important elements include implementing robust multifactor authentication or – ideally – Zero Trust Access controls; having automated tools to respond to and remediate the impact of any attack; and training people to spot and report suspicious messages.”