KnowBe4's latest reports on top-clicked phishing email subjects have been released for Q2 2023. We analyze 'in the wild' attacks reported via our Phish Alert Button, top subjects globally clicked on in phishing tests, top attack vector types, and holiday email phishing subjects.
HR-Related Subjects Represent Half of Malicious Emails Clicked
This last quarter's results reflect the popularity of HR-related email subjects such as vacation policy notifications, dress code changes, and past due training alerts that can affect end users’ daily work.
“The threat of phishing emails remains as high as ever as cybercriminals continuously tweak their messages to be more sophisticated and seemingly credible, now with the help of GenAI and returning to the office,” said Stu Sjouwerman, CEO, KnowBe4. “The trend of phishing emails revealed in the Q2 phishing report is especially concerning, as 50% of these emails appear to come from HR – a trusted and crucial department of so many, if not all organizations. These disguised emails take advantage of employee trust and typically incite action that can result in disastrous outcomes for the entire organization. New-school security awareness training for employees is crucial to help combat phishing and malicious emails by educating users on the most common cyber attacks and threats. An educated workforce is an organization’s best defense and is essential to fostering and maintaining a strong security culture.”
Each quarter, we examine ‘in-the-wild’ email subject lines that show real emails that users received and reported to their IT departments as suspicious. In addition to HR subjects, we see important-looking messages dealing with purchases and financial institutions, as well as IT and online service notifications:
Common ‘In-The-Wild’ Emails for Q2 2023:
- HR: Staff Rewards Program
- Someone is trying to send you money
- IT: Important Email Upgrades
- ALERT - Mail Redirect Triggered
- Amazon: Action Needed: Purchase Attempt
- Microsoft 365: [[display_name]], MFA Security Review is Required
- A fax has arrived
- Google: [[manager_name]] invited you to join Google Chat Group
- Metamask Wallet Update
- Chase: Confirm Your Card Possession
Top Phishing Email Subjects Globally
- Possible typo
- HR: Important: Dress Code Changes
- HR: Please update W4 for file
- Adobe Sign: Your Performance Review
- HR: Vacation Leave Notice: Plan Your Time Off Now!
- HR: Vacation Policy Update
- HR: Your training is past due
- Google: You were mentioned in a document: "Strategic Plan Draft"
- You Have A New Voicemail
- Bad customer review received - Please take action ASAP
Unsurprisingly, phishing links in the email body are consistently the #1 attack vector we see every quarter. When these links are clicked, they often lead to disastrous cyberattacks such as ransomware and business email compromise. Other top attack vectors are as follows:
Top 5 Attack Vector Types
- Link - Phishing Hyperlink in the Email
- Spoofs Domain - Appears to Come From the User's Domain
- PDF Attachment - Email Contains a PDF Attachment
- HTML Attachment - Email Contains an HTML Attachment
- Branded - Phishing Test Link Has User's Organizational Logo and Name
Holiday phishing email subjects such as a change in schedule, surveys, and notifications about celebrations are used as bait for unsuspecting users mid-year.
Top 10 Holiday Phishing Email Subjects in Q2 2023
- HR: Change in Holiday Schedule
- HR: Happy 4th of July Message!
- HR: Juneteenth Survey
- HR/July 4th: RSVP for Company BBQ!
- Juneteenth celebration sign-up
*Capitalization and spelling are as they were in the phishing test subject line.
**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.
See results from all previous quarters in our Top Clicked Phishing Email Subjects topic.