Malicious web links dominate emails around the world and are used to spread malicious malware to wreak havoc or extort money.
A new research article by cybersecurity experts Hornetsecurity shows that hackers are still very interested in phishing in addition to malicious web links. With an increase of almost 4% year-on-year (39.6% – 43.3%), it is still the most common email attack technique.
Hackers are also constantly evolving their tactics by changing email formats and attachments to best sneak around spam filters.
Imitating big brands
According to his Cyber Security Report 2024Based on an analysis of 45 billion emails sent last year, Hornetsecurity found that the percentage of emails containing malicious web links increased by 144%, from 12.5% of all threats last year to 30.5% this year. year.
When Microsoft disabled macros by default in Office last year, hackers quickly switched from Word and Excel files (down 9.5% and 6.7% respectively) to HTML files (37.1% of files analyzed) , PDFs (23.3%) and archive files. (20.8%). Of all the new additions, HTML files seem to be the most popular, with a 76.6% increase in the past year alone.
When sending malicious emails, hackers usually pose as popular brands. DHL accounts for 26.1% of all imitations, Amazon 7.7% and FedEx 2.3%. Other notable mentions include LinkedIn, Microsoft (both 2.4%) and Netflix (2.2%).
Threat actors also do not appear to be particularly interested in any specific industry or industry. While some endpoints are more likely to be attacked, no sector is safe from email attacks.
“If an organization can pay a ransom, it is a target for cybercriminals,” the researchers said. Notable mentions include the research industry, entertainment companies and the manufacturing sector.
“Many organizations are too reactive, only responding to specific threats or only acting after they have been victimized,” said Daniel Hofmann, CEO of Hornetsecurity.
“This approach makes them vulnerable to attacks. Businesses need a zero-trust mentality to protect themselves and deploy comprehensive security services to give them peace of mind.
“Our research highlights the adaptability of cybercriminals and the rapid shifts that have occurred over the past year.”