Don’t fall for it: Experts expose 30 risky emails hitting inboxes daily

For many of us, checking our emails has become a daily ritual, something we do almost automatically, whether first thing in the morning or throughout the day. 

It’s a convenient way to stay connected with family and friends, keep up with news, manage appointments, and handle important financial or health matters. But did you know this everyday habit could put you at serious risk? 

Recent reports have revealed that, on average, Australians receive up to 30 dangerous emails every day. Your inbox could be a hacker’s playground, and you might not even know it. 

It’s easy to assume that the biggest threats online come from suspicious websites, but the reality is far more mundane. Email remains the number one way cybercriminals target everyday Australians, especially those who may not have grown up with technology at their fingertips.

According to a new report from Barracuda, a leading cybersecurity firm, nearly a quarter of all emails sent globally are now considered malicious or unwanted spam. 

The average person receives around 121 emails daily, and about 30 could be dangerous, ranging from phishing scams to malware-laden attachments.

What makes these emails so dangerous?

The sophistication of these attacks is growing. Here’s what the experts found:

• HTML attachments are the most weaponised: Over 75 per cent of all malicious files detected in emails are HTML files, and 23 per cent of all HTML email attachments are now considered dangerous.
• QR code scams are rising: 68 per cent of malicious PDF attachments contain deceptive QR codes that, when scanned, lead to phishing sites designed to steal your personal information. Alarmingly, 12 per cent of these are linked to extortion scams.
• Microsoft documents aren’t safe either: 83 per cent of malicious Microsoft Office documents also contain these sneaky QR codes.
• Impersonation is rampant: Nearly half (47 per cent) of email domains don’t have proper security settings (known as DMARC) in place, making it easier for hackers to impersonate trusted brands or even people you know.
• Spam is everywhere: 24 per cent of all emails are now classified as malicious or unwanted spam.

What are companies doing to help?

Major email providers like Microsoft and Google are stepping up their security game, introducing stricter rules and smarter filters to catch more threats before they reach your inbox. 

However, as the Barracuda report pointed out, not all organisations keep up, especially when implementing DMARC, a security protocol that helps prevent email spoofing.

Olesia Klevchuk, an email protection expert at Barracuda, said: ‘Organisations need to mitigate the risks by implementing best practice industry standards and adopting a multi-layered approach to email security, leveraging AI-driven threat detection to spot attacks hidden in attachments and malicious websites.’

How can you protect yourself?

The good news is, you don’t need to be a tech wizard to stay safe. Here are some practical steps you can take:

1. Be suspicious of unexpected emails: Double-check before clicking if you receive an email with an attachment or a link you weren’t expecting, even if it looks like it’s from someone you know.
2. Watch out for QR codes: Never scan a QR code from an email unless you’re sure it’s legitimate. Scammers are increasingly using these to direct you to fake websites.
3. Don’t open strange attachments: Be wary of HTML, PDF, or Microsoft Office attachments, especially if the email is unsolicited or out of character.
4. Check the sender’s address: Hackers often use email addresses almost identical to real ones. Look for subtle misspellings or extra characters.
5. Use strong, unique passwords: Enable two-factor authentication for your accounts where possible.
6. Keep your software updated: This includes your email app, antivirus software, and your device’s operating system.
7. Report suspicious emails: Most email providers have a way to report phishing or spam. Doing so helps protect others, too.

Have you ever received a suspicious email or fallen victim to a scam? What steps do you take to protect yourself online? Share your experiences and tips in the comments below—your story could help someone else stay safe!

Also read: Be on the alert for hidden email threats that could be lurking in your inbox!