Organizations Can’t Ignore the Surge in Malicious Web Links

Cyber Security Threat Summary:
Based on research conducted by Hornetsecurity, there has been an increasing trend of cybercriminals embedding malicious web links in emails to target victims. From an analysis of 45 billion emails, researchers concluded a 144% increase in this type of attack compared to 2022. Last year Microsoft disabled macros by default in Office, leading to a decline in the use of DOCX files (by 9.5 percentage points) and XLSX files (6.7 percentage points). Despite this, phishing emails continue to rise, with actors now opting to malicious HTML files in emails, accounting for an overall 76.6% increase over the last year.

Security Officer Comments:
With a surge in phishing attacks, organizations should prioritize improving their security hygiene and training employees on how to detect and avoid such threats. As the holidays approach, we will likely see an increase in actors impersonating brands to target victims. In particular shipping and e-commerce emails impersonating DHL, Amazon, Fedex, etc. should be treated with caution as threat actors are known for creating fake invoices to gather sensitive details from unsuspecting users.