You’re right - a huge number of your work emails are just spam

2022 sees rise in ‘unwanted’ emails as phishing attacks remain popular

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A large proportion of your workemailsmay not be useful in any way, a new report examining billions of messages has claimed.

Research from Hornetsecurity analyzing 25 billionbusiness emailsfound nearly half (40.5%) are ‘unwanted’, and could even represent a serious threat to businesses.

The report also revealed how email remains an incredibly popular threat vector, with the most common kind of malicious messages beingphishing attacks- emails pretending to be from well-known companies,sometimes quite convincingly- which made up 39.6% of all threats.

False sense of security

When it comes to malicious email attachments, Archive files such as Zip made up the greatest proportion (28% of messages), followed by web files (HTML) at 21%. Text based files were also commonly employed, with taintedMicrosoftWord documents making up 12.7%, PDF 12.4% and Excel 10.4%.

The report also found new methods are being developed by cybercriminals in response to the changing digital landscape. For instance, attacks exploiting the macro capabilities in Microsoft 365 are no longer viable sinceMicrosoft disabled the feature last year, specifically to shore up its security.

Keep yourself secure with the best firewall tools around>Gmail wants to stop political campaign emails going to spam>Unsubscribing from that email may just lead to further spam

As a result of this, new tactics have been adopted.HTML smugglinghas risen, where hidden LNK or ZIP files are contained within web links to deploy malware.

Hornetsecurity CEO Daniel Hofmann warned that given the prevalence ofcloud based systems, such as Microsoft 365, their use should merit the same level of caution. Hornetsecurity’s report found that a quarter of respondents did not know that 365 could be a potential gateway for ransomware - some even presumed it was invulnerable to such threats.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“Ongoing training should be in place to prevent fraudsters from manipulating the trust people have in Microsoft and other office systems”, Hoffman advised. He also made specific mention ofMicrosoft Teams, adding that “it’s also critical to ensure all data shared via this platform is backed up.”

Other reports have found a similarly high - or even higher - proportion of spam emails in people’s accounts. Recent findings from Kaspersky, for instance, put the figure between45-85%.

Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. His area of expertise lies in computer peripherals and audio hardware, having spent over a decade exploring the murky depths of both PC building and music production. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics