First Quarter 2017 Top-Clicked Phishing Email Subjects [INFOGRAPHIC]

KnowBe4 customers run millions of phishing tests per year, and we report frequently on the top-clicked phishing topics so that our customers know what the highest-risk phishing templates are. That way they can inoculate their employees against the most prevalent social engineering attacks. 

This infographic shows the most frequently clicked phishing emails from Q1 2017 broken down into 3 categories: subjects related to social media, general emails and 'In The Wild' attacks that we received from our customers by employees clicking the Phish Alert Button and sending the email to us for analysis. 

Q1 2017 Top Clicked Phishing Emails

Note that these have made it through all the filters and into the inbox of the employee. A multi-layered defense is critical because each layer has different points of effectiveness and ineffectiveness. That is one of the reasons we continue to remind IT pros that creating a human firewall is an essential last line of defense which you cannot do without.  

How Can I Use This Information In My Organization?

Armed with this data, customers can now schedule phishing tests to strengthen their human firewall. KnowBe4 recommends to start with 1- and 2-star level tests --these are the easier ones to spot -- and over a 12-month period increase the difficulty level to 4- and 5-star templates which are much harder to identify. 

You can even target specific groups, departments, and/or individuals with phish of differing maturity levels. That can allow security leaders to inject training at a maturity level that is most likely to help each group – and it also allows for some gamification.

Phishing Emails Remain the #1 Infection Vector

Fresh information from Osterman Research shows that over a 10-year timespan, since mid-2014, phishing has taken over from Web and still remains the No.1 network infection vector. This is significant because it is seeing effectiveness in a ‘push’ model as the attack vector.  In other words, the attackers aren’t merely placing what are in-effect landmines out on the web and hoping that people will stumble over them. The graph below was updates this week.

Phishing Infection Vector Trend

Today, your employees are frequently exposed to sophisticated phishing and ransomware attacks. Old-school Security Awareness Training doesn’t hack it anymore. More than ever, your users are the weak link in your network security. Get a product demonstration of the innovative KnowBe4 Security Awareness Training Platform. In this live one-on-one demo we will show you how you can:

checkmark NEW  Access to the world's largest library of security awareness training.

checkmark NEW  Social Engineering Indicators technology, turns every simulated phishing email into a tool you can use to instantly train employees.

checkmark Send Simulated Phishing tests and drive down the Phish-prone percentage.

checkmark Advanced Features: EZXploit™ automated "human pentest". USB Drive Test™ 

checkmark Active Directory Integration allows you to easily upload and manage users. 

checkmark Reporting to watch your Phish-prone percentage drop, with great ROI.

 Request A Demo

Don't like to click on redirected buttons? Cut & Paste this link in your browser:



Subscribe To Our Blog

Your Coronavirus and Work From Home Resource Center

Get the latest about social engineering

Subscribe to CyberheistNews