Phishing Threat Actors Still Fond of HTML Attachments

In 2022 HTML files are still one of the most prevalent attachments used in phishing scams, indicating that the method continues to be successful against spam detection software and works well on the targets themselves.

As per Wikipedia, the HTML (HyperText Markup Language) is the standard markup language for documents developed to be displayed in a web browser. It can be aided by technologies like Cascading Style Sheets (CSS) and programming languages such as JavaScript.

HTML documents are received from a web server or local storage by the web browsers and rendered into multimedia web pages. HTML describes the structure of a web page semantically and originally included cues for the appearance of the document.

HTML files are frequently used in phishing emails to lead victims to malicious websites, download files, or even show phishing forms locally within the browser.

Because HTML is not malicious, attachments are often overlooked by email security software, resulting in a successful delivery to targets’ inboxes.

Source

How HTML Avoids Detection

In HTML attachments, phishing forms, redirection techniques, and data-stealing components are usually implemented using several tactics, varying from simple redirects to obfuscating JavaScript to conceal phishing forms.

When attachments are present in email

Read More: https://heimdalsecurity.com/blog/phishing-threat-actors-still-fond-of-html-attachments/