The number of cyberattacks that use malicious HTML attachments has doubled since 2022, according to reports.
These cyberattacks are also increasingly becoming more unique compared to previous variants.
- Researchers have observed a significant increase in the use of malicious HTML attachments in email campaigns by cybercriminals.
- The use of HTML attachments has become popular among cybercriminals due to their ability to bypass traditional email security systems that rely on signature-based detection.
-
On March 7, there were 672,145 malicious HTML artifacts detected in total, comprising 181,176 different items.
This means that 27% of the detected files were unique, and the rest were repeat or mass deployments of those files. - However, on March 23, 85% of the total 475,938 malicious HTML artifacts were unique, which means that almost every single attack was different.
- HTML attachments often contain obfuscated JavaScript that is used to download and execute malicious code on the victim's system.
- Cybercriminals use various social engineering tactics to lure victims into opening these malicious attachments, including pretending to be from legitimate organizations or offering fake job opportunities.
- To prevent falling victim to these types of attacks, individuals and organizations are advised to be cautious when opening email attachments, keep their antivirus software up to date, and enable multi-factor authentication for their email accounts.