Cloudflare Says Over 5% of Global Emails Are Packed with Malice

Cloudflare Says Over 5% of Global Emails Are Packed with Malice
Rachael Kongahage

Written By

Rachael Kongahage
Gaetan Lajeune

Reviewed By

Gaetan Lajeune
  • Updated

Share this article

Latest News

Opera and Tether bring digital dollars to emerging markets
Opera and Tether Turn Smartphones Into Digital Dollar Wallets for Millions
Your Daily Crypto Catch-Up for 02nd Feb
Step Finance hit by treasury breach as STEP token plunges over 90%
February Token Unlocks Begin With Trump in Focus
VIEW MORE

Learn Crypto

Beginner
Intermediate
Advanced
Latest Video
Subscribe
Rachael Kongahage
Written By: Rachael Kongahage
Gaetan Lajeune
Reviewed By: Gaetan Lajeune
  • Updated

Cloudflare just dropped some eye-opening numbers showing that more than 5% of all emails flying around the world carry malicious intent.

Think your email is safe? Think again.

In their deep dive over the past year, Cloudflare found a crazy 5.6% of global email traffic was downright harmful. To put that in perspective, that’s one email in every 20 hitting inboxes everywhere.

Join our newsletter

Things got even wilder in November, when the bad stuff spiked to nearly 10%, almost double the yearly average. 

These aren’t just annoying spam; we’re talking emails designed to steal your credentials, data, or hard-earned cash, as detailed in Cloudflare’s 2025 year-in-review report.

Cloudflare Says Over 5% of Global Emails Are Packed with Malice
Malicious emails surged to 9.7% in November. Source: Cloudflare

This hits especially close to home for crypto fans. Phishing scams aimed at traders, investors, and big players in the space have gotten sneakier and more frequent lately. 

Cloudflare Says Deceptive Links Lead the Pack in Email Attacks

Digging deeper, Cloudflare reports that over half, or 52%, of these malicious emails hid a tricky deceptive link, making it the top threat by far. 

Coming in second was identity deception at 38%, up from last year, where crooks fake trusted senders using spoofed domains, look-alike sites, or clever display name swaps.

Cloudflare also spotlighted some shady domain trends. The worst offender? The “.christmas” top-level domain, with a staggering 92.7% of emails from it being malicious. 

Hot on its heels were “.lol,” “.forum,” “.help,” “.best,” and “.click” all favorites for spammers and scammers.

It’s not just links; attachments are trouble too. Other security pros like Barracuda scanned hundreds of millions of emails and found a quarter were straight-up spam, with one in four HTML attachments turning out malicious. Even PDFs got in on it, with 12% of bad ones pushing Bitcoin scams.

Email threats report highlights key findings

Barracuda scanned hundreds of millions of emails: Via Barracuda

These revelations from Cloudflare are a wake-up call: beef up your defenses, double-check those senders, and certainly never click suspiciously.

Disclaimer: Coin Medium is not responsible for any losses or damages resulting from reliance on any content, products, or services mentioned in our articles or content belonging to the Coin Medium brand, including but not limited to its social media, newsletters, or posts related to Coin Medium team members.

Rachael Kongahage

The Sentence Sorcerer
I’m a passionate and experienced Writer, Broadcaster, and Communications professional with a diverse background spanning sustainability, digital transformation, branding, employee communications, Web3, crypto, and current affairs. I thrive on blending storytelling, voice, strategy, and news reporting to engage and connect with audiences in meaningful and impactful ways.

Related Articles

Opera and Tether bring digital dollars to emerging markets
Opera and Tether Turn Smartphones Into Digital Dollar Wallets for Millions
WHCY 2nd Feb
Your Daily Crypto Catch-Up for 02nd Feb
Step_Finance_treasury_breach_leads_to_27M_in_losses_STEP_crashes_90_
Step Finance hit by treasury breach as STEP token plunges over 90%
BEGINNER
INTERMEDIATE
ADVANCED

Stay ahead of the curve with expert crypto insights, guides, and market trends โ€” join to our newsletter.

JOIN OUR NEWSLETTER

Follow Coin Medium

Share this article

BACK TO TOP