The sending emails It is one of the main threats that companies face on a daily basis. In this regard, Barracuda Networks researchers have recently analyzed data from the millions of attachments analyzed by their systems over the past month to identify those that are most likely to be malicious.
Research showing that compared to other types of attachments, HTML attachments they are most often used for ‘malicious’ purposes. In fact, 21% of all HTML attachments analyzed were threatening.
Attachments of this type are particularly common in system-generated email reports that users may regularly receive where they are included. URL links to the actual report.
In this form, the attack is simple. Hackers embed HTML attachments in emails disguised as weekly reports, tricking users into clicking phishing links. These techniques are successful because hackers no longer need to include malicious links in the body of an email, allowing them to easily bypass anti-spam and anti-virus policies.
An attack that cybercriminals execute in a variety of ways, such as credential phishing. Malicious HTML attachments include a link to a phishing site. When opened, it uses a Java script to redirect to a third-party machine and ask users to enter their credentials to access information or download a file that may contain malware. However, hackers don’t always need to create a fake website. They can create a phishing form directly embedded in the attachment, ultimately sending phishing sites as attachments instead of links. These attacks are difficult to detect because the HTML attachments themselves are not malicious.
The attackers do not include the malware in the attachment itself, but instead use multiple redirects with Java script libraries hosted elsewhere.