Background Press Release

Use of malicious web links in emails has risen by 144% in 2023 – new Hornetsecurity report

Written by Hornetsecurity / 28.11.2023 /
Home » Blog » Use of malicious web links in emails has risen by 144% in 2023 – new Hornetsecurity report
  • Hornetsecurity’s Cyber Security Report 2024 reveals phishing remains top email threat, accounting for 43.3% of attacks, but malicious URLs jumped from 12.5% to 30.5% YoY
  • Analysis of more 45 billion emails reveals more than a third (36.4%) are unwanted

Hanover, Germany (28 November 2023) – Hornetsecurity has today launched its Cyber Security Report 2024, which reveals the growing threat of cybercriminals using harmful web links in emails. An analysis of 45 billion emails found a 144% increase in this type of attack compared to last year, rising from 12.5% of all threats in 2022 to 30.5% this year.

It is phishing, however, that remains the most common email attack technique. Its use increased by nearly 4 percentage points this year, rising from 39.6% to 43.3% of all email attacks.

Commenting on the latest report findings, Daniel Hofmann, Hornetsecurity CEO, said: “Email continues to be one of the key methods of attack that threat actors use – and it’s essential that firms of all sizes, and across all sectors, put in place a robust email security strategy to future-proof their business. The boom in malicious web links and steady rise in phishing demonstrates that organizations cannot underestimate the damage such threats can cause, and must ensure they use next gen security service while also maintaining security awareness throughout the workplace.”

Changing face of threats

Of the 45 billion emails analysed, more than a third (36.4%) were categorised as unwanted. Within this category, just over 3.6% – or more than 585 million – were identified as malicious. This represents the widespread nature of the risk, with a vast number of emails posing potential threats.

Most used file types in malicious emails
Most-used file types in malicious emails

Threat actors are savvy and adaptable. In the last year, following Microsoft disabling macros by default in Office, there was a significant decline in the use of DOCX files (by 9.5 percentage points) and XLSX files (by 6.7 percentage points). Instead, cyber-criminals opted for HTML files (37.1% of files analysed), PDFs (23.3%) and Archive files (20.8%). HTML file usage is a particularly notable trend: usage rose by 76.6% over the last year.

Brand impersonation continues to target victims, soliciting sensitive information via phishing. Shipping and e-commerce emails are to be regarded with particular caution: DHL accounts for 26.1% of all impersonations, Amazon 7.7% and Fedex 2.3%. All three were in the top 10 most spoofed. Other popular brands, including LinkedIn, Microsoft (both 2.4%), and Netflix (2.2%), also featured in the top 10.

Industries at risk

This latest Hornetsecurity research confirms that almost every type of business is currently under threat. If an organisation can pay a ransom, it is a target to cyber criminals. However, some industries are at a slightly increased risk.

The research industry is often targeted due to the intellectual property it handles. Entertainment companies are attacked due to the money they handle, such as the 2023 attacks on MGM and Caesars Casinos. Meanwhile, the manufacturing sector is often seen as an easy target for cyber attackers because companies tend to use many IoT devices that can render them vulnerable if not properly secured.

Hofmann added: “Many organisations are too reactive, only responding to specific threats or acting after they have fallen victim. This approach leaves them vulnerable to attack. Businesses need a zero-trust mindset to protect themselves and should adopt all-encompassing security services to set their minds at rest. Our research highlights the adaptability of cybercriminals, and the rapid shifts that have taken place in the last year.

“Companies have a duty to take care of basic security hygiene, train and support all employees, and invest in quality security.”

Cyber Security Report 2024

To read the full Cyber Security Report, including its predictions for 2024, please visit: https://www.hornetsecurity.com/en/cyber-security-report/

For a panel discussion about the findings of this report, please visit: https://www.hornetsecurity.com/en/webinar-decoding-the-cyber-security-report/


Notes to Editor:

  • The study was conducted by Hornetsecurity’s Security Lab, which reviewed more than 45 billion emails that were processed through Hornetsecurity’s security services, during the reporting period (1 November 2022 – 1 November 2023).
  • For further information and resources, please see Chapter 5 in the full report: https://www.hornetsecurity.com/en/cyber-security-report/

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.

Media enquiries

Please contact us at press@hornetsecurity.com

You might also be interested in: