Top-Clicked Phishing Email Subjects

Think before you click!

KnowBe4, a provider of security awareness training and simulated phishing attacks, has released statistics on the top 10 phishing email subjects that are opened by end-users. Drum roll please – the top 10 are:

  1. Password Check Required Immediately
  2. Security Alert
  3. Change of Password Required Immediately
  4. A Delivery Attempt was made
  5. Urgent press release to all employees
  6. De-activation of [[email]] in Process
  7. Revised Vacation & Sick Time Policy
  8. UPS Label Delivery, 1ZBE312TNY00015011
  9. Staff Review 2017
  10. Company Policies-Updates to our Fraternization Policy

The top 10 phishing subjects are all attention-grabbing, actionable items. Typically there is no harm in the end-user opening the email to investigate further. The harm comes when users inevitable clicks the link. The embedded links either download a malicious payload or skim login information– both of which has negative consequences.

Phishing attacks will continue to occur, whether to extort information or money. A recent report from Webroot validates this notion with IT decision makers believing their organizations are most vulnerable to phishing attacks – more so than new forms of malware. 56% of IT decision makers in the U.S. believe their businesses will be most susceptible to phishing attacks.

Think before you click!

Training is one of the best tools to fight phishing-related emails. There is a plethora of tools and material on the Internet that can be used to test and train users. For example, CoFense offers free testing and training materials for SMBs. Ultimately, the more educated users are, the more cautious they will be when opening and clicking suspicious inbox items.

How is your state of IT? Call Us: (855) 551-7760 with any questions.