Over 1 in 20 emails are malicious, warns internet giant Cloudflare

cointelegraphPublished on 2025-12-16Last updated on 2025-12-16

Abstract

According to Cloudflare's 2025 year-in-review report, over 5.6% of global email traffic was malicious, meaning more than one in twenty emails contained harmful content. This figure surged to nearly 10% in November. Malicious emails aim to steal credentials, data, or money, with deceptive links being the most common threat category at 52%. Identity deception followed at 38%. The report highlights that crypto investors are particularly at risk, as phishing attacks have grown more complex and damaging. Additionally, highly abused top-level domains include “.christmas,” “.lol,” and “.forum.” Other studies support these findings, noting that a quarter of HTML attachments are malicious and email remains a primary attack vector.

More than 5% of all emails sent worldwide contain malicious content, according to internet infrastructure giant Cloudflare.

The web security giant revealed that an aggregate of 5.6% of global email traffic analyzed by the firm over the past year was found to be malicious. This equates to more than one in every twenty emails containing harmful content.

In November, that figure surged to almost one in ten, nearly double the average for the year, it found.

Malicious emails include those that can cause harm, such as the theft of credentials, data, or money, Cloudflare explained in its 2025 year-in-review report.

The findings are particularly relevant to crypto investors, as phishing attacks targeting crypto traders, investors, and executives have increased in complexity and surged in recent months.

Crypto phishing links can be especially damaging. Once a victim falls for one of these malicious links or sends cryptocurrency to a scammer, there’s usually no way back.

*Malicious emails surged to 9.7% in November. Source:* *Cloudflare*

Deceptive links dominate threat categories

More than half of these malicious emails, or 52%, contained a deceptive link, which was the highest threat category, it reported.

Identity deception was the second-highest at 38%, up from 35% in 2024, as attackers impersonated trusted individuals using spoofed domains, similar-looking domains, or display name tricks.

Related: Email auto-reply vulnerability allows hackers to mine cryptocurrency

Cloudflare also revealed that the most abused top-level domain (TLD) extension was “.christmas,” with 92.7% malicious emails and 7.1% spam originating from this domain type.

Other highly abused domain names included “.lol,” “.forum,” “.help,” “.best” and “.click.”

*Deceptive links were the highest threat category among malicious emails. Source:* *Cloudflare*

A quarter of HTML attachments are malicious

Earlier this year, researchers at cybersecurity company Barracuda analyzed 670 million emails that were malicious or unwanted spam.

They discovered that email remains the most common attack vector for cyber threats, with malicious attachments and links being used to distribute malware, launch phishing campaigns, and exploit vulnerabilities.

As many as one in four emails were unwanted spam, a quarter of all HTML attachments were malicious, and 12% of malicious PDF attachments were Bitcoin scams, they reported.

In November, Hornet Security reported that email was a “consistent delivery vector” for cyberattacks in 2025, with malware-laden emails surging by 131% year-over-year.

Magazine: Do Kwon sentenced to 15 years, Bitcoin’s ‘choppy dance’: Hodler’s Digest

Bitcoin Trader Says Cycle Tops And Bottoms Match Exact Day Counts

A Bitcoin trader claims to have discovered a remarkably precise timing pattern in Bitcoin's market cycles, suggesting they repeat to the exact day. According to the trader, bull-market runs from cycle low to high in the 2014-2017, 2018-2021, and 2022-2025 periods each lasted precisely 1,064 days. Similarly, bear-market declines from peak to trough in 2017-2018 and 2021-2022 allegedly lasted exactly 364 days. Such a pattern would offer traders a simple, calendar-based framework for anticipating market turns. However, the article highlights significant risks with such exact-cycle claims, noting they can depend heavily on cherry-picking specific price peaks and troughs to fit the narrative. Factors like Bitcoin halvings, macro conditions, and investor psychology influence markets but don't guarantee perfect day-count windows. Despite the skepticism warranted towards precise date predictions, cycle theories remain powerful narratives in crypto. They provide traders with a story to frame market uncertainty and timing decisions, especially during periods of consolidation. The takeaway is that while these patterns are interesting as social-market commentary, they should not be relied upon alone for making concrete price predictions.

bitcoinist1h ago

Bitcoin Trader Says Cycle Tops And Bottoms Match Exact Day Counts

bitcoinist1h ago

$9.4 Billion: The Largest Robotics Funding This Year Has Emerged

Munich-based humanoid robotics company Neura has completed a $1.4 billion (approximately RMB 94.9 billion) Series C funding round, valuing the company at around $7 billion and positioning it among the global leaders in the sector. The investment round is notable not just for its size—reportedly the largest in robotics this year—but also for its strategic backers, which include tech giants like NVIDIA and Amazon, alongside established industrial players such as German engineering firms Bosch and Schaeffler. This mix of investors signals a significant shift in the industry's focus from technological demonstrations and general-purpose narratives toward practical, industrial deployment and commercialization. Neura's approach centers on developing humanoid robots for defined, high-value industrial tasks rather than pursuing a general-purpose model. Its early validation comes from a partnership with BMW, where its robots are being tested on actual production lines. The involvement of Bosch and Schaeffler, companies deeply embedded in global manufacturing, underscores a growing belief that humanoid robots are transitioning from labs to viable factory-floor solutions. The article highlights two converging trends driving investment: advancements in AI and large language models, which enhance robots' perception and decision-making in unstructured environments, and mounting pressure from labor shortages and rising costs in major manufacturing regions. The funding landscape is now bifurcating between companies like Figure AI, focusing on versatile general-purpose robots, and firms like Neura, targeting specific vertical industrial applications with clearer, shorter paths to ROI. While technical hurdles remain, the core challenges for widespread adoption are increasingly seen as engineering and commercial in nature: managing the high integration and customization costs for different factory environments and establishing robust, localized maintenance and service networks. The record investment in Neura, particularly from industrial capital, indicates the industry's growing confidence in moving from proving feasibility to solving the practical problems of scalability, reliability, and building sustainable business models around humanoid robots in real-world settings like automotive manufacturing and hazardous labor environments.

marsbit6h ago

$9.4 Billion: The Largest Robotics Funding This Year Has Emerged

marsbit6h ago

Coinbase And Ethena Launch High Yield USDC Vault Powered By Morpho

Coinbase has launched a new High Yield USDC Vault in collaboration with Ethena Labs and powered by Morpho, curated by Steakhouse Financial. This marks the first live product from the Coinbase-Ethena partnership, offering Coinbase users access to enhanced yields through a simplified interface. Unlike Coinbase's more conservative vaults, this product accepts a broader collateral mix, including synthetic assets like Ethena's USDe, which allows for higher potential returns but introduces greater risks related to collateral behavior and market dynamics. The annual percentage yields (APYs) are dynamic and not guaranteed. The launch underscores a trend of centralized exchanges packaging complex DeFi strategies into user-friendly products, expanding access while highlighting the need for clear risk disclosure. The vault is currently available to eligible users in the U.S. (excluding New York) and select international markets.

bitcoinist10h ago

Coinbase And Ethena Launch High Yield USDC Vault Powered By Morpho

bitcoinist10h ago

Anthropic Pre-IPO Market Falls After US Directive Forces Model Shutdown

The U.S. government directed Anthropic to globally suspend access to its Claude Fable 5 and Claude Mythos 5 AI models for all foreign nationals, citing national security concerns. The emergency export control order followed reports of a non-universal jailbreak vulnerability. Anthropic pushed back, arguing the government provided only verbal evidence of a narrow prompt technique to find minor, known software flaws, and warned that applying such a standard broadly could halt new model deployments across the frontier AI industry. The directive impacted Anthropic's pre-IPO market valuation, with a key perpetual contract falling 3.7%. This highlights how AI regulation is becoming a tradable event, as crypto-linked instruments allow rapid speculation on regulatory news. The incident underscores the integration of AI infrastructure into speculative markets, where valuations can react instantly to government actions, often faster than public evidence emerges.

bitcoinist12h ago

Anthropic Pre-IPO Market Falls After US Directive Forces Model Shutdown

bitcoinist12h ago

Exploit Wallet Converts Stolen Tokens Into 18,510 ETH And 1,548 BNB

An exploit-linked wallet has reportedly converted stolen assets into 18,510 ETH (approximately $30.83 million) and 1,548 BNB ($924,000). According to on-chain tracking data cited by WuBlockchain and Lookonchain, the attacker sold compromised "H tokens" to obtain these more liquid assets and still holds an additional 111.36 million H tokens worth about $14 million. This conversion into major cryptocurrencies like ETH and BNB is a common step after an exploit, as attackers move from illiquid, traceable tokens toward deeper, more liquid assets. This consolidation can signal potential next steps, such as moving funds through bridges or mixers, and complicates recovery efforts for security teams. While blockchain analysis provides real-time visibility into such transactions, the identity of the wallet controller often remains uncertain. The data serves as a valuable snapshot of fund movement, highlighting the role of on-chain monitors in tracking security incidents before official investigations are complete.

bitcoinist14h ago

Exploit Wallet Converts Stolen Tokens Into 18,510 ETH And 1,548 BNB

bitcoinist14h ago

Trading

Spot

Futures

Hot Articles

How to Buy T

Welcome to HTX.com! We've made purchasing Threshold Network Token (T) simple and convenient. Follow our step-by-step guide to embark on your crypto journey.Step 1: Create Your HTX AccountUse your email or phone number to sign up for a free account on HTX. Experience a hassle-free registration journey and unlock all features.Get My AccountStep 2: Go to Buy Crypto and Choose Your Payment MethodCredit/Debit Card: Use your Visa or Mastercard to buy Threshold Network Token (T) instantly.Balance: Use funds from your HTX account balance to trade seamlessly.Third Parties: We've added popular payment methods such as Google Pay and Apple Pay to enhance convenience.P2P: Trade directly with other users on HTX.Over-the-Counter (OTC): We offer tailor-made services and competitive exchange rates for traders.Step 3: Store Your Threshold Network Token (T)After purchasing your Threshold Network Token (T), store it in your HTX account. Alternatively, you can send it elsewhere via blockchain transfer or use it to trade other cryptocurrencies.Step 4: Trade Threshold Network Token (T)Easily trade Threshold Network Token (T) on HTX's spot market. Simply access your account, select your trading pair, execute your trades, and monitor in real-time. We offer a user-friendly experience for both beginners and seasoned traders.

12.0k Total ViewsPublished 2024.03.29Updated 2026.06.02

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of T (T) are presented below.