top of page
Writer's pictureInno-Thought Team

Nearly Half a Billion Emails in 2024 Were Malicious

  • The study was conducted by Hornetsecurity’s in-house Security Lab, which reviewed more than 55.6 billion emails that were processed through Hornetsecurity’s security services during the reporting period November 1, 2023 to October 31, 2024.

  • One-third of all emails received are unwanted, with 2.3% of unwanted emails containing malicious content

  • Phishing remains the top email threat, accounting for a third of attacks – despite other popular emerging attack types



Hornetsecurity’s annual Cybersecurity Report has revealed that a third (36.9%) of all emails received by businesses (20.5 billion) in 2024 were unwanted. Of these, 2.3% contain malicious content, totalling 427.8 million emails.


 

The Cybersecurity Report is an annual analysis of the Microsoft 365 threat landscape, powered by real-world data meticulously examined by Hornetsecurity’s expert Security Lab team. In 2024 alone, Hornetsecurity processed over 55.6 billion emails, offering unparalleled insights into emerging threats, critical vulnerabilities, and key trends. This data-driven report enables businesses to anticipate future Microsoft 365 security challenges and take proactive measures to safeguard their operations.

 

What’s inside the report


  • Key email threat insights from a detailed analysis of over 55.6 billion emails

  • The most prevalent cyber threats, including phishing and credential theft

  • Emerging trends in social engineering and cloud security

  • Industry-specific threat data

  • Actionable advice to protect against evolving attack methods in 2025


Once again, phishing remains the most prevalent form of attack, responsible for a third of all cyber-attacks in 2024. This was confirmed by the analysis of 55.6 billion emails, showing that Phishing remains a top concern consistently year over year. Malicious URLs and advanced fee scams were responsible for 22.7% and 6.4% respectively.


Commenting on the findings, Daniel Hofmann, Hornetsecurity CEO, said: “These findings highlight both progress and new challenges in the fight against cyber threats. While it’s encouraging to see some consistency in attack methods, for defensive purposes, the shift toward more targeted social engineering tactics means businesses must stay vigilant.


“With over 427 million malicious emails still reaching inboxes, it’s clear that cybersecurity strategies must evolve to stay ahead of increasingly sophisticated threats. This data underscores the need for stronger email security coupled with user awareness to keep organisations safe.”


Rise in reverse-proxy credential theft


Nearly every malicious file type saw a decrease compared to last year. However, HTML files (20.4%), PDFs (19.2%), and Archive (17.6%) files remain in the top three spots in a continuation from 2023.


The data shows a decrease in the use of malicious attachments, this is due to a rise in reverse-proxy credential theft attacks over the past year, which use social engineering and malicious links (not attachments) to trick users. These attacks redirect users to fake login pages that capture credentials in real-time, even bypassing two-factor authentication.


Malicious URLs are the second most common type of attack, making up 22.7% of all attacks. Their use surged in 2023 and continues to grow as attackers use them in credential-stealing attempts. Tools such as Evilginx allow attackers to set up fake login pages to trick users into entering their credentials, which are then captured.


Rising targeted attacks across all industries


Due to the net decline in attacks, the threat index for nearly every industry dropped during the data period compared to 2023. However, the data continues to show that every industry is under attack – with mining, entertainment, and manufacturing being the most targeted for ransomware attacks and double-extortion scams.


Shipping brands, such as DHL and FedEx, are the most impersonated brands online. Cyber attackers are targeting customers through phishing scams that boast a high degree of similarity to real communications from these organisations. DocuSign and Facebook also both saw more than double the amount of impersonation attempts compared to 2023, while Mastercard and Netflix both saw notable increases as well.


The need for zero-trust mindset


Hofmann added: “In 2025, organisations must prioritise basic security practices and embrace a zero-trust mindset to tackle vulnerabilities head-on and foster a strong security culture. Building a well-defended business isn’t possible without engaging everyone—helping them understand how cybersecurity impacts them personally and why their role is essential to keeping threats at bay.


“This report’s findings should motivate, not deter, organisations from focusing on cybersecurity. By working with trusted vendors, companies can not only protect themselves but also tap into expert knowledge that elevates their overall cybersecurity strategy.”



 

Click here to read the full Cybersecurity Report, including its predictions for 2025.

connexion_panel_edited.jpg
CXO_8-in-1.png
subscribe_button.png

 

Disclaimer:

The information contained in this site is for reference only. While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, we are not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this site is provided "as is", with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose. In no event will Ho Hon Asia Limited, its related partnerships or corporations, or the partners, agents or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this site or for any consequential, special or similar damages, even if advised of the possibility of such damages.
Certain links in this site connect to other websites maintained by third parties over whom we have no control. We make no representations as to the accuracy or any other aspect of information contained in other websites.

2025 @ Inno-Thought and its affiliates. All rights reserved.

bottom of page