28-04-2025
New Warning Issued As 30 Dangerous Emails Used In Hack Attacks
Malicious email comprises 25% of your daily inbox.
getty
What's the most dangerous thing you do every day at your computer or smartphone? For most people, I would argue, the answer is checking your emails. It's why the likes of Microsoft have introduced strict new email rules for Outlook users, following in the footsteps of Google doing likewise for those using Gmail. I mean, it's not surprising given that attackers use email as a conduit to password and 2FA code theft, and the FBI is now warning people not to click on anything. Now a shocking new report has revealed the true extent to which the communication threat extends, with a staggering 30 malicious emails a day arriving on average.
On March 15, I reported that threat analysts working at Hornet Security had confirmed its customers were subject to an astonishing 427.8 million dangerous emails during 2024 alone. And that's just one security organization reporting on its own customer base.
The latest Barracuda email threats report, published April 28, doesn't paint a brighter picture, truth be told. If anything, the new analysis just brings the risk your emails present into a brighter light to illuminate the darkness of the email threat landscape.
The key takeaways from the report highlight the problem by the numbers:
Given that, on average, an individual receives some 121 emails each and every day, that equates to around 30 dangerous emails that you need to protect against.
'Malicious email attachments, QR codes and URLs are used by attackers to distribute malware, launch phishing campaigns and exploit vulnerabilities,' Olesia Klevchuk, product marketing director for email protection at Barracuda, said. The failure of organisations to implement DMARC protections, which would otherwise make it much harder for attackers to impersonate their brand and implement fraudulent attacks using malicious emails, isn't helping. 'Organizations need to mitigate the risks by implementing best practice industry standards and adopting a multi-layered approach to email security,' Klevchuk concluded, 'leveraging AI-driven threat detection to spot attacks hidden in attachments and malicious websites.'
