KnowBe4 reports on the top-clicked phishing emails by subject lines each quarter in three different categories: subjects related to social media, general subjects, and 'In the Wild' - we get those results from the millions of users that click on our Phish Alert Button to report real phishing emails and allow our team to analyze the results.
LinkedIn and Facebook Are Convincing Ploys
Nearly half of all social media-related phishing emails imitated LinkedIn messages. This is a trend we are seeing each quarter, likely because there is a perception that these emails appear to be legitimately coming from a professional network. It's a significant problem because many LinkedIn users have their accounts tied to their corporate email addresses.
The fall hiring season is very hot right now. With more than 20 million jobs posted, LinkedIn is the perfect way for scammers to trick users into becoming victims. We've also seen Facebook subject lines gaining traction, which isn't a huge surprise as brand impersonation of the social network is surging.
Password Management Continues to Entice Clicks
Aside from social media-related messages, general subject lines related to password management were highest on the list once again. Another common theme is HR-related messages that mention benefits, organizational changes and staff review. In-the-wild attacks – those that were real phishing emails and not KnowBe4 templates – found the greatest success when they asked for action from the recipient or promised something of value.
See the Infographic with All Top Messages in Each Category for Last Quarter:
Click here to download the full infographic (PDF) Great to share with your users!
Top-Clicked Social Media Related Subjects in Q3 2019:
- LinkedIn: You appeared in new searches!, Add me to your network, Profile Views, Password Reset, Deactivation Request
- Facebook: Your friend tagged you in photos, Someone mentioned you, Primary email changed'
- Someone has sent you a Direct Message on Twitter!
- Login alert for Chrome on Motorola Moto X
Top 10 Most-Clicked General Email Subjects in Q3 2019:
- Password Check Required Immediately
- A Delivery Attempt was made
- De-activation of [[email]] in Process
- New food trucks coming to [[company_name]]
- Updated Employee Benefits
- Revised Vacation & Sick Time Policy
- You Have A New Voicemail
- New Organizational Changes
- Change of Password Required Immediately
- Staff Review 2018
Most Common 'In the Wild' Attacks in this period were:
- Skype: New Unread Voicemail Message
- Transaction Refund
- [[NAME]] shared a document with you
- Microsoft Teams: Please authenticate your account
- Bonus payments for selected employees
- Cisco Webex: Your account is blocked
- Amazon: Billing Address Mismatch
- USPS: High Priority Package: Track it now!
- Verizon: Security Update
- Adobe Cloud: Shared a file with you on Adobe Cloud
*Capitalization and spelling are as they were in the phishing test subject line.
**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.
See results from all previous quarters here: https://blog.knowbe4.com/topic/top-clicked-phishing-email-subjects
Here's how it works:
