First Quarter Top-Clicked Phishing Tests

KnowBe4 customers run millions of phishing tests per year, and we report frequently on the top-clicked phishing topics so that our customers know what the highest-risk phishing templates are. That way they can inoculate their employees against the most prevalent social engineering attacks. 

Fresh information from Osterman Research shows that over a 10-year timespan, since mid-2014, phishing has taken over from Web and still remains the No.1 network infection vector. The graph you see was updated this week. Protecting your network by stepping employees through new-school security awareness training is a must these days.

Phishing Infection Vector Trend

First quarter 2017 Top-Clicked Phishing Tests

We break these out in two sections, social media and non-social phishing tests. To start with the latter, here are the top- clicked topics for the first quarter:

  • 14% UPS Label Delivery , 1ZBE312TNY00015011
  • 13% Email Account Updates
  • 13% Your inbox is full
  • 11% A Delivery Attempt was made
  • 11% Unusual sign-in activity
  • 10% FW: Microsoft Security Update
  • 10% Update your mailbox
  • 9% Urgent: Mandatory Password Reset
  • 9% Internet Capacity Warning

Regarding the top-clicked phishing test related to social media, here are the numbers:

  • 23% Login alert for Chrome on Motorola Moto X
  • 18% 55th Anniversary and Free Pizza
  • 14% Please add me to your LinkedIn Network
  • 11% Join my network on LinkedIn
  • 11% Your Friend Tagged a Photo of You
  • 6% New LinkedIn InMail Message
  • 5% You have a Google Drive File Shared
  • 4% Reset your LinkedIn Password
  • 4% You have a new unread message!
  • 3% Your Klout Score Went Up!
  • 2% Confirm your Twitter account

Armed with this data, customers can now schedule phishing tests to strengthen their human firewall. KnowBe4 recommends to start with 1- and 2-star level tests --these are the easier ones to spot -- and over a 12-month period increase the difficulty level to 4- and 5-star templates which are much harder to identify. 

Top "In The Wild" Attacks

And here are this week's Top 10 "In The Wild" phishing attacks that we received from our customers by employees clicking the Phish Alert Button and sending the email to us for analysis. We "defang" these attacks and have them updated real-time in a campaign that customers can run regularly to test employees against the "real thing". 

  1. "Direct Deposit of Payment on Your Checking Account" - False electronic deposit confirmation pushes malicious attachment.
  2. "Irregular Activity on Your SunTrust Online Account" - False bank account security alert springs malicious link on users.
  3. "Closing Extension/Final Closing Statement" - Malicious attachment is misrepresented to users as a closing statement.
  4. "Bank transfer of 75,000 USD" - Email claims malicious attachment contains data regarding a bank money transfer.
  5. "Drake: Account Validation" - Fake message from software company invites users to click malicious link.
  6. "Threats of Legal Action About Invoice 72393" - False threat of legal action compels users to click malicious link.
  7. "RFQ Quote the Models" - Purported RFQ asks users to open malicious attachment.
  8. "PayPal: Your account has been limited" - Fake Paypal notice requests users click a malicious link to resolve account problems.
  9. "Your Order #335816 placed on Friday is paid" - False eBay order notice asks users to click malicious link to cancel payment.

Note that these have made it through all the filters and into the inbox of the employee. That is one of the reasons we continue to remind IT pros that creating a human firewall is an essential last line of defense which you cannot do without.  

Today, your employees are frequently exposed to sophisticated phishing and ransomware attacks. Old-school Security Awareness Training doesn’t hack it anymore. More than ever, your users are the weak link in your network security. Get a product demonstration of the innovative KnowBe4 Security Awareness Training Platform. In this live one-on-one demo we will show you how you can:

 checkmark NEW  Access to the world's largest library of security awareness training.

checkmark NEW  Social Engineering Indicators technology, turns every simulated phishing email into a tool you can use to instantly train employees.

checkmark Send Simulated Phishing tests and drive down the Phish-prone percentage.

checkmark Advanced Features: EZXploit™ automated "human pentest". USB Drive Test™ 

checkmark Active Directory Integration allows you to easily upload and manage users. 

checkmark Reporting to watch your Phish-prone percentage drop, with great ROI.

 Request A Demo

Don't like to click on redirected buttons? Cut & Paste this link in your browser:



Topics: Phishing

Subscribe To Our Blog

Get the latest about social engineering

Subscribe to CyberheistNews