KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We analyze 'in-the-wild' attacks reported via our Phish Alert Button, the top email subjects clicked globally in phishing tests, and the top attack vector types.
Business-Related Phishing Attempts Still Trending
Business phishing emails have always been effective and continue to be successful because of their potential to affect a user’s workday and routine. This quarter’s results reveal that 40% of email subjects are HR related, creating a sense of urgency in users to act quickly, sometimes before thinking logically and taking the time to question the email’s legitimacy. We also see that the top attack vector for this quarter is phishing links in the body of an email. These combined tactics can have destructive outcomes for organizations and lead to a multitude of cyberattacks such as ransomware and business email compromise.
“As phishing emails evolve and become more sophisticated, it is imperative that organizations prioritize security awareness training for all employees, now more than ever,” said Stu Sjouwerman, CEO, KnowBe4. “Phishing emails that disguise themselves as internal communications are especially concerning since they are sure to grab the attention of users and typically incite action. New-school security awareness training for employees helps combat phishing and malicious emails by educating users on what to look out for—it is the key to creating a healthy level of skepticism to better protect an organization and build a stronger security culture.”
In Q3 2022, we examined ‘in-the-wild’ email subject lines that show actual emails users received and reported to their IT departments as suspicious. We also reviewed tens of thousands of email subject lines and categories from simulated phishing tests, and top attack vector types in both categories. The results are below:
Common ‘In-The-Wild’ Emails for Q3 2022:
- Equipment and Software Update
- Mail Notification: You have 5 Encrypted Messages
- Amazon: Amazon - delayed shipping
- Google: Password Expiration Notice
- Action required: Your payment was declined
- Wells Fargo: Transfer Completed
- DocuSign: Please review and sign your document
- IT: IT Satisfaction Survey
- Zoom: [[manager_name]] has sent you a message via Zoom Message Portal
- Microsoft: Microsoft account security code
Top Phishing Email Subjects Globally
- HR: Vacation Policy Update
- HR: Important: Dress Code Changes
- Password Check Required Immediately
- HR: Your performance evaluation is due
- Weekly Performance Report
- LinkedIn: Who's searching for you online?
- IT: Internet Report
- HR: Please update W4 for file
- Acknowledge Your Appraisal
- Employee Expense Reimbursement for [[email]]
Top Attack Vector Types
- Link - Phishing Hyperlink in the Email
- Spoofs Domain - Appears to Come From the User's Domain
- PDF Attachment - Email Contains a PDF Attachment
- Branded - Phishing Test Link Has User's Organizational Logo and Name
- Credentials Landing Page - Phishing Link Directs User to Data Entry or Login Landing Page
*Capitalization and spelling are as they were in the phishing test subject line.
**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.
See results from all previous quarters in our Top Clicked Phishing Email Subjects topic.