The traditional attack methods, such as malicious attachments in the form of executable files and Office documents, have almost disappeared due to the remarkable efforts of security companies and email providers. Cybercriminals' focus has shifted and they now have a new target: HTML files or HTML phishing.
The world of cyberspace is like a high-speed race where time is actually money. Every day, a global community of defenders engages in heated head-to-head competition with a growing army of attackers. It's about who is most adept at using emerging technologies and who is one step ahead of the others in terms of skill and cunning. It's a relentless battle in which security specialists strive to anticipate potential attack routes before they can be exploited by attackers.
HTML Phishing: The New Wave of Cyberattacks
The shift to HTML phishing is a notable development. Security researchers at Trustwave discovered back in October last year that HTML phishing was becoming increasingly popular and posed a serious threat. Recent studies by Check Point, a subsidiary of Avanan, show that 53 percent of malicious attachments are now HTML files.
Unlike their predecessors, these attachments do not contain any malicious code and are therefore not directly dangerous. The trick is that they direct victims to phishing pages where they are then asked to enter their usernames and passwords. Attackers exploit the fact that HTML files can host links, JavaScript, embedded images, HTML entities, and custom CSS to evade detection.
The trick with the HTML files
The genius of using HTML files is that they create an environment completely controlled by threat actors. They can pose as legitimate websites and trick the victim into entering their username and password. Since the victim does not have to be directed to a malicious website that security solutions may identify as suspicious, the chance of a successful attack increases significantly.
The emergence of OneNote Package files as an attack vector since the beginning of this year has also created the need for new protection measures. Microsoft has introduced improvements to curb this abuse.
The danger lies in the link: malvertising and fake login pages
In addition to email attachments, cybercriminals also use links to fake login pages. In a tactic known as malvertising, these malicious links are integrated directly into search results. An innocent-looking click on a search result for well-known software can easily lead to a Trojan that has been introduced by cybercriminals.
The emergence of the Bumblebee malware hiding behind Google ads confirms this trend. Since February, experts at Spamhaus of an increase in this type of social engineering tactic.
Conclusion
In the digital race between defenders and attackers, HTML phishing is the latest wave of cyberattacks, posing serious risks to businesses and individuals. It highlights the need to constantly educate and adapt to stay ahead of increasingly sophisticated and creative attack tactics. Creating security awareness and educating employees is critical to protecting against this growing threat.
Source:
KnowBe4
This might also be of interest:
The rules of the game for cybercriminals are changing
“Threads” in the crosshairs: Treacherous fake apps in the spotlight
Trojan disguises itself as a Windows update until the disaster is done
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

