Third Quarter 2017 Top-Clicked Phishing Email Subjects [INFOGRAPHIC]

KnowBe4 customers run millions of phishing tests per year, and we report quarterly on the latest top-clicked phishing email subjects in three separate categories: subjects related to social media, general emails, and 'In The Wild' attacks, which are real phishing emails that our customers' employees sent to us for analysis by clicking the Phish Alert Button.

We want our customers to always know what the most current high-risk phishing templates look like and why users fall for them. That way they can keep up with current threats and inoculate their last line of defense, their users, against social engineering attacks. The Q3 2017 results were a mix of personal and company notifications, showing that email continues to be an effective way to phish users.


The Top 10 Most-Clicked General Email Subject Lines Globally for Q3 2017 include:

  1. Official Data Breach Notification – 14%
  2. UPS Label Delivery 1ZBE312TNY00015011 – 12%
  3. IT Reminder: Your Password Expires in Less Than 24 Hours – 12%
  4. Change of Password Required Immediately – 10%
  5. Please Read Important from Human Resources – 10%
  6. All Employees: Update your Healthcare Info – 10%
  7. Revised Vacation & Sick Time Policy – 8%
  8. Quick company survey – 8%
  9. A Delivery Attempt was made – 8%
  10. Email Account Updates – 8%

How Can This Help My Organization?

Armed with this data, KnowBe4 customers can set up phishing campaigns using templates related to these subjects to strengthen their human firewall. We recommend starting with 1- and 2-star level tests, which are easier to spot, and over a 12-month period increasing the difficulty level to 4- and 5-star templates, which are much harder to identify.

You can even target specific groups, departments, and/or individuals with phish of differing maturity levels. That can allow security leaders to inject training at a maturity level that is most likely to help each group – and it also allows for some gamification.

Phishing Emails Remain the #1 Infection Vector

According to Osterman Research, email has been the number one infection vector since 2014. It’s an effective method because it gives attackers more control than simply placing traps on the web and hoping that people will fall for them. Instead, attackers craft and distribute enticing material using both random and targeted means. This method gives the cybercriminals greater control in selecting potential victims, leveraging multiple psychological triggers and engaging in what amounts to a continuous maturity cycle.

Free Phish Alert Button

Do your users know what to do when they receive a phishing email? KnowBe4's Phish Alert Button gives your users a safe way to forward email threats to the security team for analysis and deletes the email from the user's inbox to prevent future exposure. All with just one click! Phish Alert benefits: 


  • Reinforces your organization’s security culture
  • Users can report suspicious emails with just one click
  • Incident Response gets early phishing alerts from users, creating a network of “sensors”
  • Email is deleted from the user's inbox to prevent future exposure
  • Easy deployment via MSI file for Outlook, G Suite deployment for Gmail (Chrome)
