Security-Related and Giveaway Phishing Email Subject Lines Get the Most Clicks

KnowBe4 revealed the results of its Q4 2019 top-clicked phishing report. The results found that simulated phishing tests with an urgent message to check a password immediately were most effective, with 39% of users falling for it. Social media messages are another area of concern when it comes to phishing. Within the same report, KnowBe4’s top-clicked social media email subjects reveal that LinkedIn messages are the most popular at 55%, followed by Facebook at 28%.

See the Infographic with All Top Messages in Each Category for Last Quarter: Q4 2019

“With more end users becoming security-minded, it’s easy to see how they fall for phishing scams related to changing or checking their passwords,” said Stu Sjouwerman, CEO, KnowBe4. “They should be especially cautious if an email seems too good to be true, such as a giveaway. As identifying phishing attacks from legitimate emails becomes trickier, it’s more important than ever for end users to look for the red flags and think before they click.”

In Q4 2019, KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. The organization also reviewed ‘in-the-wild’ email subject lines that show actual emails users received and reported to their IT departments as suspicious. Full results are below:

Top-Clicked Social Media Related Subjects in Q4 2019: 

  • LinkedIn: Add me to your network, You appeared in new searches!, Profile Views, Password Reset, Join My Network, Deactivation Request
  • Facebook: Login Alert, Your friend tagged you in photos, Password Reset
  • Someone has sent you a Direct Message on Twitter!
  • New voice message at 1:23AM

Top 10 General Email Subjects

  1. Password Check Required Immediately
  2. Please review: Appropriate Halloween costumes
  3. Change of Password Required Immediately
  4. Starbucks: Free Drink for the Holidays
  5. New Message about [[company_name]] Holiday Party
  6. DrawNames: [[first_name]], you have been drawn a name for [[company_name]] Holiday Gift Exchange
  7. IT: Scheduled Server Maintenance -- No Internet Access
  8. FYI - Important information about your insurance
  9. HR: Revised Vacation & Sick Time Policy
  10. Microsoft/Office 365: De-activation of Email in Process

*Capitalization and spelling are as they were in the phishing test subject line.
**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.

When investigating ‘in-the-wild’ email subject lines, KnowBe4 found the most common throughout Q4 2019 included:

  • SharePoint: Approaching SharePoint Site Storage Limit
  • Microsoft: Anderson Hauck has shared a Whiteboard with you
  • Office 365: Medium-severity alert: Unusual volume of file deletion
  • FedEx: Correct address needed for your package delivery on [[current_date_0]]
  • USPS: Your digital receipt is ready
  • Twitter: Your Twitter account has been locked
  • Google: Please Complete the Required Steps
  • Cash App: Your Account Has Been Closed
  • Coinbase: Important Please Resolve Error Now
  • Would you mind taking a look at this invoice?

*Capitalization and spelling are as they were in the phishing test subject line.
**In-the-wild email subject lines represent actual emails users received and reported to their IT departments as suspicious. They are not simulated phishing test emails.

Free Phish Alert Button

Do your users know what to do when they receive a phishing email? KnowBe4's Phish Alert Button gives your users a safe way to forward email threats to the security team for analysis and deletes the email from the user's inbox to prevent future exposure. All with just one click! Phish Alert benefits: 

Here's how it works:

  • Reinforces your organization’s security culture
  • Users can report suspicious emails with just one click
  • Incident Response gets early phishing alerts from users, creating a network of “sensors”
  • Email is deleted from the user's inbox to prevent future exposure
  • Easy deployment via MSI file for Outlook, Google Workspace deployment for Gmail (Chrome) and manifest install for Microsoft 365
