Malicious links are dominating emails all over the world

News
By published

Hackers are pivoting from Office files to malicious email links

Best email services: image of email with one unread message alert
(Image credit: Future)

Malicious web links are dominating emails all over the world, being used to deliver harmful malware in order to wreak havoc or extort money.

A new research paper by cybersecurity experts Hornetsecurity found that besides malicious web links, hackers are still super interested in phishing. With an increase of almost 4% year-on-year (39.6% - 43.3%), it is still the most common email attack technique. 

Hackers are also constantly evolving their tactics by changing email formats and attachments to best sneak around spam filters.

Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Impersonating major brands

According to its Cyber Security Report 2024, based on an analysis of 45 billion emails sent last year, Hornetsecurity found the percentage of emails containing harmful web links rose by 144%, rising from 12.5% of all threats last year, to 30.5% this year.

Last year, when Microsoft disabled macros by default in Office, hackers quickly pivoted from Word and Excel files (down 9.5% and 6.7% respectively), to HTML files (37.1% of files analyzed), PDFs (23.3%), and Archive files (20.8%). Of all the new additions, HTML files seem to be the most popular, rising by 76.6% in the last year alone.

When sending malicious emails, hackers are usually impersonating popular brands. DHL takes up 26.1% of all impersonations, Amazon 7.7%, and FedEx 2.3%. Other notable mentions include LinkedIn, Microsoft (both 2.4%), and Netflix (2.2%).

Threat actors also don’t seem to be particularly interested in a specific vertical, or business. While some endpoints may be attacked more frequently, there isn’t a single industry that’s safe from email-borne attacks. 

“If an organization can pay a ransom, it’s a target to cybercriminals,” the researchers said. Notable mentions include the research industry, entertainment companies, and the manufacturing sector.

“Many organizations are too reactive, only responding to specific threats or acting after they have fallen victim," commented Daniel Hofmann, Hornetsecurity CEO.

"This approach leaves them vulnerable to attack. Businesses need a zero-trust mindset to protect themselves and should adopt all-encompassing security services to set their minds at rest.

"Our research highlights the adaptability of cybercriminals, and the rapid shifts that have taken place in the last year.”

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Best email services: image of email with one unread message alert
Over 400 million unwanted and malicious emails were received by businesses in 2024
Fraude en ligne phishing
Phishing clicks nearly tripled in 2024 as criminals aim for smarter attacks
Russian flag on a laptop
Hackers are using Russian domains to launch complex document-based phishing attacks
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Help! We're drowning in email spam, it's about to get worse and there's nothing we can do to stop it
An iPhone sitting on a wooden table
Millions at risk as malicious PDF files designed to steal your data are flooding SMS inboxes - how to stay safe
A pair of hands using a keyboard
Microsoft SharePoint hijacked to spread Havoc malware
Latest in Security
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
Latest in News
girl using laptop hoping for good luck with her fingers crossed
Windows 11 24H2 seems to be a massive fail – so Microsoft apparently working on 25H2 fills me with hope... and fear
ChatGPT Advanced Voice mode on a smartphone.
Talking to ChatGPT just got better, and you don’t need to pay to access the new functionality
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
Apple Watch Ultra 2 timer
The Apple Watch is getting a sleep alarm upgrade it probably should have had 10 years ago
Nikon Z5
The Nikon Z5 II could land soon – here's what to expect from Nikon's rumored entry-level full-frame camera
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
More about security
An abstract image of a lock against a digital background, denoting cybersecurity.

Critical security flaw in Next.js could spell big trouble for JavaScript users
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol

Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
Collage of tech on offer in the Amazon Big Spring Sale, including a Fire TV, Samsung laptop, Sony headphones, Echo Dot, Kindle, DJI Osmo and Ninja air fryer

The Amazon Spring Sale is here and I've picked the 22 best deals actually worth buying
See more latest
Most Popular
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
girl using laptop hoping for good luck with her fingers crossed
Windows 11 24H2 seems to be a massive fail – so Microsoft apparently working on 25H2 fills me with hope... and fear
ChatGPT Advanced Voice mode on a smartphone.
Talking to ChatGPT just got better, and you don’t need to pay to access the new functionality
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
Teenager playing on a gaming PC with two monitors
Samsung's OLED monitors are about to get much cheaper - and it's about time
Apple Watch Ultra 2 timer
The Apple Watch is getting a sleep alarm upgrade it probably should have had 10 years ago
Nikon Z5
The Nikon Z5 II could land soon – here's what to expect from Nikon's rumored entry-level full-frame camera
Google Pixel Watch 3
Google Pixel Watches hit with delayed notifications, crashing, and performance issues following Wear OS 5.1 update
Frank Castle pinning Matt Murdock against a locker in Daredevil: Born Again episode 4
What time is Daredevil: Born Again episode 5 going to be released on Disney+?
AMD Ryzen 9950X
I analyzed 25 AMD Zen 4 and Zen 5 CPUs and the Ryzen 9 9900X is the best of them all right now: Here’s why