More Than 5% Of Global Emails Found To Be Malicious In 2025
Cloudflare found that 5.6% of global email traffic in the past year contained malicious content, meaning over one in twenty emails posed threats, such as credential theft or financial loss. In November, the rate nearly doubled to one in ten emails. Crypto-related phishing is increasing, with deceptive links making up 52% of detected threats—making it the top category—followed by identity deception at 38%, where attackers impersonate trusted sources. Certain domain extensions, especially “.christmas,” were heavily abused for malicious purposes. Barracuda research found email is the most common threat vector, with malicious attachments and links widely used for attacks; 25% of HTML email attachments were malicious, and 12% of malicious PDF attachments involved Bitcoin scams. The frequency of malware-laden emails has surged significantly, reinforcing email’s role as a primary channel for cyberattacks.
