Over 45% of HTML attachments found to be malicious: Report
Cloud-first security solutions provider Barracuda Networks found that over 45% of all the HTML attachments scanned by the company were found to be malicious. As per Barracuda’s Threat Spotlight report, this is an increase from 21% reported in May 2022.
HTML stands for Hypertext Markup Language and is used for structuring online content, along with email communications. HTML files come with extensions like .html, .htm, or .xhtml; they can be leveraged by bad actors in phishing credentials or in malware delivery. The Barracuda report further showed that the overall volume of malicious HTML attachments is increasing year by year. This file type is most likely to be used for malicious purposes, the study added.
“The security industry has been highlighting the cybercriminal weaponizing HTML for years — and evidence suggests it remains a successful and popular attack tool,” said Fleming Shi, Chief Technology Officer, Barracuda. “Getting the right security in place is as important now as it has ever been. This means having effective, AI-powered email protection in place that can evaluate the content and context of an email beyond scanning links and attachments. Other important elements include implementing robust multifactor authentication or — ideally — Zero Trust Access controls; having automated tools to respond to and remediate the impact of any attack; and training people to spot and report suspicious messages.”
A corrupt HTML file redirects the user to a phishing site or other malicious content via JavaScript libraries. Users are then asked to enter their credentials to access information or download file that may contain malware.
Barracuda’s study has now found that in some cases, the HTML file itself includes sophisticated malware with malicious payload embedded within it. This technique is gaining popularity.