Nearly half of all HTML attachments are malicious, finds Barracuda

A new Barracuda Threat Spotlight shows how, in March, 2023 just under half (45.7%) of all HTML attachments scanned by the company were malicious. The follows a steady upward trend in the proportion of malicious HTML files since Barracuda’s last report on the threat in May 2022 when the proportion was less than half (21%) of the current value. In comparison only 0.03% and 0.009% the highly popular Microsoft Office and PDF file types were found to be malicious.

The data follows analysis by Barracuda researchers of many millions of messages and files scanned by the company’s security technologies. “The security industry has been highlighting the cybercriminal weaponizing HTML for years – and evidence suggests it remains a successful and popular attack tool,” said Fleming Shi, Chief Technology Officer, Barracuda.

Barracuda’s analysis further shows that not only is the overall volume of malicious HTML attachments increasing, nearly a year on since the company’s last report, HTML attachments remain the file type most likely to be used for malicious purposes.

“Getting the right security in place is as important now as it has ever been. This means having effective, AI-powered email protection in place that can evaluate the content and context of an email beyond scanning links and attachments. Other important elements include implementing robust multifactor authentication or – ideally – Zero Trust Access controls; having automated tools to respond to and remediate the impact of any attack; and training people to spot and report suspicious messages,” said Shi.