Attackers are increasingly using malicious HTML files in their attacks, according to researchers, who note that malicious files now make up half of all HTML attachments delivered via email. This increase in the prevalence of harmful HTML is double what it was last year, and it doesn’t seem to be the consequence of widespread attack efforts that send the same document to lots of individuals.
Inside email correspondence, HTML, the common markup language for presenting Web material, has numerous useful applications. For instance, email reports generated by various apps and technologies and sent to enterprise users are common. When they encounter this kind of attachment, they are not suspicious, therefore email security gateway filters cannot outright prohibit this kind of attachment.