KnowBe4 Top-Clicked Phishing Email Subjects for Q3 2018 [INFOGRAPHIC]

The latest results of KnowBe4's quarterly top-clicked phishing email subjects is now available. We report on three different categories: general emails, social media related subjects, and 'in the wild' attacks - those subjects come from the millions of users that click on our Phish Alert Button on real phishing emails and allow our team to analyze the results. 

Make Your Users Think Before They Click!

Sharing these specific subject lines with users lets them know what is currently working for the bad guys and what they should be watching out for. In many cases the top subjects are repeated quarter over quarter, so looking not just at the subjects but also reasons why so many people clicked can help them to stay vigilant and ultimately think twice before clicking. 

Security-Minded Messages Continue to Bypass Security Defenses

“Hackers are leveraging an individual’s desire to remain security minded or well informed by playing into his/her psyche,” said Perry Carpenter, chief evangelist and strategy officer, KnowBe4. “They do this by making someone believe they are at risk or that something needs immediate attention. These types of attacks are effective because they cause a person to simply react before thinking logically about the legitimacy of the email. Managing the ongoing problem of social engineering is becoming more and more difficult as hackers play into human emotions by causing feelings of alarm or curiosity.”

See the Infographic with Top Messages in Each Category for Last Quarter:


The Top 10 Most-Clicked General Email Subject Lines Globally for Q3 2018 Include:

  1. Password Check Required Immediately 34%
  2. You Have A New Voicemail 13%
  3. Your order is on the way 11%
  4. Change of Password Required Immediately 9%
  5. De-activation of [[email]] in Process 8%
  6. UPS Label Delivery 1ZBE312TNY00015011 6%
  7. Revised Vacation & Sick Time Policy 6%
  8. You've received a Document for Signature 5%
  9. Spam Notification: 1 New Messages 4%
  10. [ACTION REQUIRED] - Potential Acceptable Use Violation 4%

*Capitalization and spelling are as they were in the phishing test subject line
**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers

Most Common ‘In-The-Wild’ Emails in Q3 2018 Included:

  • You have a new encrypted message
  • IT: Syncing Error - Returned incoming messages
  • HR: Contact information
  • FedEx: Sorry we missed you.
  • Microsoft: Multiple log in attempts
  • Wells Fargo: Irregular Activities Detected On Your Credit Card
  • LinkedIn: Your account is at risk!
  • Microsoft/Office 365: [Reminder]: your secured message
  • Coinbase: Your cryptocurrency wallet: Two-factor settings changed

*Capitalization and spelling are as they were in the phishing test subject line **In-the-wild email subject lines represent actual emails users received and reported to their IT departments as suspicious. They are not simulated phishing test emails.

Greatest Cybersecurity Threat is Untrained Staff

87% of global executives view untrained staff as the greatest cyber risk to their business, according to a recent report by Willis Towers Watson and ESI ThoughtLab. Compounding this finding is the fact that staff training is ranked among the categories to have made the least progress when measured against the National Institute of Standards and Technology (NIST) cybersecurity framework. The research also identified the most common types of attacks include malware/spyware (81% and phishing (64%).

How to Get Users to Stop Clicking

According to NIST, there are three parts to the strategy:

  • More User Education – Users need to be trained on the latest scams, methods, and be taught what to look for. This is better known as Security Awareness Training.
  • More Technology – NIST feels the solutions put in place need to move beyond just being reactive, and focus on stopping a threat before it ever even has a chance. This is where layers of defense in depth come into play. 
  • User Reporting – Organizations need to make it easier for users to report attacks to IT. This allows IT to respond, including informing the remainder of the user base, minimizes the threat potential and the damage. Here is a way to do that for free.

Free Phishing Security Test

pst30_V2Did you know that 91% of successful data breaches started with a spear phishing attack?

End users remain the weakest link in cybersecurity. We help you train your employees to better manage the urgent IT security problems of social engineering, spear phishing and ransomware attacks. Take the first step now. Find out what percentage of your employees are Phish-prone with your free test. Plus, see how you stack up against your peers with our phishing Industry Benchmarks!

Go Phishing Now!



PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews