Over 1 in 20 emails are malicious, warns internet giant Cloudflare

cointelegraphОпубліковано о 2025-12-16Востаннє оновлено о 2025-12-16

Анотація

According to Cloudflare's 2025 year-in-review report, over 5.6% of global email traffic was malicious, meaning more than one in twenty emails contained harmful content. This figure surged to nearly 10% in November. Malicious emails aim to steal credentials, data, or money, with deceptive links being the most common threat category at 52%. Identity deception followed at 38%. The report highlights that crypto investors are particularly at risk, as phishing attacks have grown more complex and damaging. Additionally, highly abused top-level domains include “.christmas,” “.lol,” and “.forum.” Other studies support these findings, noting that a quarter of HTML attachments are malicious and email remains a primary attack vector.

More than 5% of all emails sent worldwide contain malicious content, according to internet infrastructure giant Cloudflare.

The web security giant revealed that an aggregate of 5.6% of global email traffic analyzed by the firm over the past year was found to be malicious. This equates to more than one in every twenty emails containing harmful content.

In November, that figure surged to almost one in ten, nearly double the average for the year, it found.

Malicious emails include those that can cause harm, such as the theft of credentials, data, or money, Cloudflare explained in its 2025 year-in-review report.

The findings are particularly relevant to crypto investors, as phishing attacks targeting crypto traders, investors, and executives have increased in complexity and surged in recent months.

Crypto phishing links can be especially damaging. Once a victim falls for one of these malicious links or sends cryptocurrency to a scammer, there’s usually no way back.

*Malicious emails surged to 9.7% in November. Source:* *Cloudflare*

Deceptive links dominate threat categories

More than half of these malicious emails, or 52%, contained a deceptive link, which was the highest threat category, it reported.

Identity deception was the second-highest at 38%, up from 35% in 2024, as attackers impersonated trusted individuals using spoofed domains, similar-looking domains, or display name tricks.

Related: Email auto-reply vulnerability allows hackers to mine cryptocurrency

Cloudflare also revealed that the most abused top-level domain (TLD) extension was “.christmas,” with 92.7% malicious emails and 7.1% spam originating from this domain type.

Other highly abused domain names included “.lol,” “.forum,” “.help,” “.best” and “.click.”

*Deceptive links were the highest threat category among malicious emails. Source:* *Cloudflare*

A quarter of HTML attachments are malicious

Earlier this year, researchers at cybersecurity company Barracuda analyzed 670 million emails that were malicious or unwanted spam.

They discovered that email remains the most common attack vector for cyber threats, with malicious attachments and links being used to distribute malware, launch phishing campaigns, and exploit vulnerabilities.

As many as one in four emails were unwanted spam, a quarter of all HTML attachments were malicious, and 12% of malicious PDF attachments were Bitcoin scams, they reported.

In November, Hornet Security reported that email was a “consistent delivery vector” for cyberattacks in 2025, with malware-laden emails surging by 131% year-over-year.

Magazine: Do Kwon sentenced to 15 years, Bitcoin’s ‘choppy dance’: Hodler’s Digest

Пов'язані матеріали

$292 Million KelpDAO Cross-Chain Bridge Hack: Who Should Foot the Bill?

On April 18, 2026, an attacker stole 116,500 rsETH (worth ~$292M) from KelpDAO’s cross-chain bridge in 46 minutes—the largest DeFi exploit of 2026. The stolen assets were deposited into Aave V3 as collateral, causing $177–200M in bad debt and triggering a cascade of losses across nine DeFi protocols. Aave’s TVL dropped by ~$6B overnight. This legal analysis argues that KelpDAO and LayerZero Labs share concurrent liability, with fault apportioned 60%/40%. KelpDAO negligently configured its bridge with a 1-of-1 decentralized verifier network (DVN)—a single point of failure—despite LayerZero’s explicit recommendation of a 2-of-3 setup. LayerZero, which operated the compromised DVN, failed to secure its RPC infrastructure against a known poisoning attack vector. Both protocols’ terms of service cap liability at $200 (KelpDAO) or $50 (LayerZero), but these limits are likely unenforceable due to unconscionability, gross negligence exceptions, and potential securities law invalidation (if rsETH is deemed a security under the Howey test). Aave’s governance also faces fiduciary duty claims for raising rsETH’s loan-to-value ratio to 93%—far above competitors’ 72–75%—without adequately assessing bridge risks, amplifying the systemic fallout. Practical recovery targets include LayerZero Labs (a registered Canadian entity), KelpDAO’s founders, auditors, and identifiable Aave governance delegates. The incident underscores escalating legal risks for DeFi protocols, infrastructure providers, and governance participants.

marsbit3 хв тому

$292 Million KelpDAO Cross-Chain Bridge Hack: Who Should Foot the Bill?

marsbit3 хв тому

Insider Trading in War: 5 People Involved, the Highest Earner Was Arrested

On April 24, the U.S. Department of Justice arrested U.S. Army Special Forces Staff Sergeant Gannon Ken Van Dyke for insider trading related to the capture of Venezuelan President Nicolás Maduro on January 3. Van Dyke allegedly profited over $400,000 by placing bets on a prediction market, Polymarket, using insider knowledge of the covert operation. According to the indictment, Van Dyke registered an account (0x31a5) on December 26 and made a series of bets predicting Maduro’s capture and U.S. military involvement in Venezuela. He withdrew most of his funds on the day of the operation and attempted to obscure his tracks by transferring assets through crypto and brokerage accounts. This case marks the first time the DOJ has prosecuted insider trading on Polymarket. PolyBeats had previously identified five suspicious accounts, including Van Dyke’s—the highest earner—in January. The other accounts, with profits ranging from $34,000 to $145,000, remain under unofficial scrutiny but have not been charged. Their lower profits, indirect access to information, and unclear legal boundaries may complicate prosecution. Polymarket has since strengthened its market integrity rules, explicitly prohibiting trading based on confidential or insider information. Van Dyke’s arrest, nearly four months after his trades, signals increased regulatory attention and the persistent traceability of blockchain-based transactions.

marsbit5 хв тому

Insider Trading in War: 5 People Involved, the Highest Earner Was Arrested

marsbit5 хв тому

Bitcoin HODLing Intensifies: LTH Supply Jumps 303,000 BTC

Bitcoin long-term holders (LTHs), defined as investors holding coins for over 155 days, have significantly increased their supply by 303,500 BTC over the past month, indicating a shift toward HODLing behavior. This contrasts with the net distribution observed in late 2025. Meanwhile, short-term holders and spot ETFs have seen reduced supply. However, the recent price rally to around $77,600 is primarily driven by futures market demand, not spot buying—a pattern to January's short-lived surge. Analysts warn of potential corrections if profit-taking occurs amid weak spot demand.

bitcoinist26 хв тому

Bitcoin HODLing Intensifies: LTH Supply Jumps 303,000 BTC

bitcoinist26 хв тому

Bitwise: Bullish on Bitcoin's Performance in the Second Half of the Year, AI and Regulation Will Spark a New Altcoin Season

Bitwise CIO Matt Hougan and Research Lead Ryan Rasmussen express strong bullish sentiment on Bitcoin's long-term prospects, suggesting that its $1 million price target may be too conservative. They argue Bitcoin serves a dual role: as digital gold and a potential global settlement asset, especially amid declining trust in traditional monetary systems. Despite a weak Q1 2026 where nearly all crypto assets and prices saw double-digit declines, the analysts remain optimistic due to strong forward-looking catalysts, including institutional adoption via Bitcoin ETFs from major firms like Morgan Stanley and Goldman Sachs. Geopolitical instability, such as Iran’s mention of using Bitcoin for international payments, increases the value of Bitcoin’s “out-of-the-money call option” as a non-political, global settlement currency. This enhances its appeal beyond a mere store of value. . Additionally, Hougan highlights that a clearer regulatory token framework under current SEC leadership, combined with AI efficiency gains and high-performance blockchains, could fuel a new “altseason” by late 2026. This may lead to a wave of legitimate, value-capturing token projects, unlike the earlier ICO boom. . Bitwise also announced an Avalanche ETF, citing its unique architecture and rapid growth in real-world asset (RWA) tokenization, which has surged 10x to nearly $30 billion in two years. The firm believes Layer 1 blockchains are still early in their growth cycle, with significant potential ahead.

marsbit51 хв тому

Bitwise: Bullish on Bitcoin's Performance in the Second Half of the Year, AI and Regulation Will Spark a New Altcoin Season

marsbit51 хв тому

Bitcoin Rally To Near $80K Fuels Sharp Sentiment Rebound Across Crypto Markets

Bitcoin's recent rally towards $80,000 has driven a significant rebound in crypto market sentiment, with the Fear & Greed Index jumping 14 points to 46—its highest level since January. Analysts note that over 300,000 BTC have shifted from short-term to long-term holders in the past month, signaling stronger investor conviction. However, the rally appears largely driven by perpetual futures speculation rather than spot market demand, raising concerns about sustainability. Retail participation also remains subdued, limiting further sentiment gains. While entities like Strategy (formerly MicroStrategy) continue accumulating BTC, weak spot interest could lead to a price correction if profit-taking occurs.

bitcoinist1 год тому

Bitcoin Rally To Near $80K Fuels Sharp Sentiment Rebound Across Crypto Markets

bitcoinist1 год тому

Торгівля

Спот

Ф'ючерси

Популярні статті

Як купити T

Ласкаво просимо до HTX.com! Ми зробили покупку Threshold Network Token (T) простою та зручною. Дотримуйтесь нашої покрокової інструкції, щоб розпочати свою криптовалютну подорож.Крок 1: Створіть обліковий запис на HTXВикористовуйте свою електронну пошту або номер телефону, щоб зареєструвати обліковий запис на HTX безплатно. Пройдіть безпроблемну реєстрацію й отримайте доступ до всіх функцій.ЗареєструватисьКрок 2: Перейдіть до розділу Купити крипту і виберіть спосіб оплатиКредитна/дебетова картка: використовуйте вашу картку Visa або Mastercard, щоб миттєво купити Threshold Network Token (T).Баланс: використовуйте кошти з балансу вашого рахунку HTX для безперешкодної торгівлі.Треті особи: ми додали популярні способи оплати, такі як Google Pay та Apple Pay, щоб підвищити зручність.P2P: Торгуйте безпосередньо з іншими користувачами на HTX.Позабіржова торгівля (OTC): ми пропонуємо індивідуальні послуги та конкурентні обмінні курси для трейдерів.Крок 3: Зберігайте свої Threshold Network Token (T)Після придбання Threshold Network Token (T) збережіть його у своєму обліковому записі на HTX. Крім того, ви можете відправити його в інше місце за допомогою блокчейн-переказу або використовувати його для торгівлі іншими криптовалютами.Крок 4: Торгівля Threshold Network Token (T)Легко торгуйте Threshold Network Token (T) на спотовому ринку HTX. Просто увійдіть до свого облікового запису, виберіть торгову пару, укладайте угоди та спостерігайте за ними в режимі реального часу. Ми пропонуємо зручний досвід як для початківців, так і для досвідчених трейдерів.

378 переглядів усьогоОпубліковано 2024.12.10Оновлено 2025.03.21

Обговорення

Ласкаво просимо до спільноти HTX. Тут ви можете бути в курсі останніх подій розвитку платформи та отримати доступ до професійної ринкової інформації. Нижче представлені думки користувачів щодо ціни T (T).