• Cybersecurity experts studied over 25 billion emails for annual report*
  • New insights from Hornetsecurity reveal 40.5% of work emails are unwanted
  • Phishing ranked the number one email attack technique, at 39.6% of detected attacks


Hanover, Germany (November 10, 2022) – New research from cyber security provider Hornetsecurity has revealed that 40.5% of work emails are unwanted. The Cyber Security Report 2023, which analysed more than 25 billion work emails, also reveals significant changes to the nature of cyber-attacks in 2022 – indicating the constant, growing threats to email security, and need for caution in digital workplace communications.

Cyber Securiry Report
Cyber Securiry Report

Phishing remains the most common style of email attack, representing 39.6% of detected threats. Threat actors used the following file types sent via email to deliver payloads: Archive files (Zip, 7z, etc.) sent via email make up 28% of threats, down slightly from last year’s 33.6%, with HTML files increasing from 15.3% to 21%, and DOC(X) from 4.8% to 12.7%.

Commenting on the report findings, Hornetsecurity CEO, Daniel Hofmann, said: “This year’s cyber security report shows the steady creep of threats into inboxes around the world. The rise in unwanted emails, now found to be nearly 41%, is putting email users and businesses at significant risk.  

“What’s more, our analysis identified both the enduring risk and changing landscape of ransomware attacks – highlighting the need for businesses and their employees to be more vigilant than ever.”


False security of Microsoft Teams

New cybersecurity trends and techniques for organisations to watch out for were also tracked. Since Microsoft disabled macros settings in Office 365, there has been a significant increase in HTML smuggling attacks using embedded LNK or ZIP files to deliver malware.

Microsoft 365 makes it easy to share documents, and end users often overlook the ramifications of how files are shared, as well as the security implications. Hornetsecurity found 25% of respondents were either unsure or assumed that Microsoft365 was immune to ransomware threats.

Hofmann added: “For these attackers, every industry is a target. Companies must therefore ensure comprehensive security awareness training while implementing next-gen preventative measures to ward off threats.”

“Ongoing training should be in place to prevent fraudsters from manipulating the trust people have in Microsoft and other office systems, and to counteract the psychological tricks applied by attackers. As usage of cloud services continues to grow and more users turn to MS Teams to share business information, it’s also critical to ensure all data shared via this platform is backed up.”


Shifting targets: brand impersonations

Cyber threats go beyond email and business communication platforms, however.  Brand impersonation attacks continue to rise, even on corporate social media, with LinkedIn growing to 22.4% of detected global brand impersonation threats, an increase of 3.5% compared with last year.

Cybercriminals use platforms like LinkedIn to determine job information and use this to gain access to company resources through social engineering. Organisations and their employees must always exercise caution when receiving work emails – both those that are unwanted, and those that may be from malicious impersonators.

Download the full Cyber Security Report 2023 here.

Hornetsecurity is hosting a Cyber Security Roundtable on 30 November, in which a panel of security experts will discuss the report findings and key strategies to building cyber security resilience in 2023. Learn more and register here.

Notes to Editor:


  1. *By reviewing more than 25 billion emails collected over the current reporting period (1 October 2021 – 30 September 2022), the Security Lab has made the following determinations.

About Hornetsecurity

Hornetsecurity is a leading global email cloud security and backup provider, which secures companies and organisations of all sizes across the world. Its award-winning product portfolio covers all important areas of email security, including spam and virus filtering, protection against phishing and ransomware, legally compliant archiving and encryption — as well as email, endpoint and virtual machine backup, replication, and recovery. Its flagship product is the most extensive cloud security solution for Microsoft 365 on the market.  With more than 400 employees in 12 regional offices, Hornetsecurity is headquartered in Hanover, Germany and operates through its international network of 8,000+ channel partners and MSPs and its 11 redundant, secured data centres. Its premium services are used by 50,000+ customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung, and CLAAS.


For any media enquiries, please contact press@hornetsecurity.com.