Top clicked phishing email subjects in 2018

Top clicked phishing email subjects in 2018

I came across some interesting data from one of our cybersecurity partners (Knobe4). KnowBe4 reports every quarter on the top-clicked phishing emails. The results come from a combination of the simulated phishing emails used by our customers as well as from the millions of users that report suspicious emails to their IT department.

I wanted to share this post to make sure you and your team are alert when receiving this sorts of emails. Hackers are playing into employees' desires to be security minded. There's also an intrigue of mystery that often make people curious enough to click, such as a new voicemail, order on the way. They use psychology to convince people to immediately take action on something before the logic & reason part of their brain kicks in.

*Top 10 Most-Clicked General Email Subjects in Q4 2018*

  1. Password Check Required Immediately/Change of Password Required Immediately 19%
  2. Your Order with Amazon Order Receipt 16%
  3. Announcement: Change in Holiday Schedule 11%
  4. Happy Holidays! Have a drink on us. 10%
  5. Problem with the Bank Account 8%
  6. De-activation of [[email]] in Process 8%
  7. Wire Department 8%
  8. Revised Vacation & Sick Time Policy 7%
  9. Last reminder: please respond immediately 6%
  10. UPS Label Delivery 1ZBE312TNY00015011 6%

**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.

Most Common 'In the Wild' Attacks in this period were:

  • Apple: You recently requested a password reset for your Apple ID
  • Employee Satisfaction Survey
  • Sharepoint: You Have Received 2 New Fax Messages
  • Your Support Ticket is Closing
  • Docusign: You've received a Document for Signature
  • ZipRecruiter: ZipRecruiter Account Suspended
  • IT System Support
  • Amazon: Your Order Summary
  • Office 365: Suspicious Activity Report
  • Squarespace: Account billing failure

**In-the-wild email subject lines represent actual emails users received and reported to their IT departments as suspicious. They are not simulated phishing test emails.

Through partners like Knobe4, we are now able to provide a cybersecurity package including things like awareness training, Phish Alert Button for staff to report phishing emails, simulated testing to evaluate how alert your staff are, DarkWeb password searches and more. Give us a call to find out more!