Hackers are launching phishing attacks that play into email users’ commitment to security, according to security awareness training and simulated phishing platform provider KnowBe4. These attacks often include email subject lines related to passwords, security alerts and other security topics.
In addition, KnowBe4’s list of the top 10 most-clicked general email subject lines globally in the second quarter of 2018 included:
- Password Check Required Immediately (15 percent).
- Security Alert (12 percent).
- Change of Password Required Immediately (11 percent).
- A Delivery Attempt was made (10 percent).
- Urgent press release to all employees (10 percent).
- De-activation of [[email]] in Process (10 percent).
- Revised Vacation & Sick Time Policy (9 percent).
- UPS Label Delivery, 1ZBE312TNY00015011 (9 percent).
- Staff Review 2017 (7 percent).
- Company Policies-Updates to our Fraternization Policy (7 percent).
* Capitalization and spelling are as they were in the phishing test subject line.
Comparatively, KnowBe4’s list of the top 10 most-clicked general email subject lines globally in 2Q17 included:
1. Security Alert (21 percent).
2. Revised Vacation & Sick Time Policy (14 percent).
3. UPS Label Delivery 1ZBE312TNY00015011 (10 percent).
4. BREAKING: United Airlines Passenger Dies from Brain Haemorrhage – VIDEO (10 percent).
5. A Delivery Attempt was made (10 percent).
6. All Employees: Update your Healthcare Info (9 percent).
7. Change of Password Required Immediately (8 percent).
8. Password Check Required Immediately (7 percent).
9. Unusual sign-in activity (6 percent).
10. Urgent Action Required (6 percent).
Hackers frequently use email subject lines and messages that play into the human psyche of being popular or wanted, KnowBe4 indicated. As such, organizations must educate their employees about social engineering and other tactics that hackers use to bypass security defenses to limit the impact of phishing attacks.
Originaly Posted on MSSPAlert