The 10 Most Successful Phishing Email Subject Lines

Legitimate email marketers probably don’t need this intelligence. But for those who are curious, or want to avoid attacks, KnowBe4 has identified the 10 most-clicked subject lines, from tens of thousands of examples examined in simulated email phishing tests. They are:

  1. Password check required immediately — 15% 
  2. Security alert — 12% 
  3. Change of password required immediately — 11%
  4. A delivery attempt was made — 10% 
  5. Urgent press release to all employees — 10% 
  6. Deactivation of [email] in process — 10% 
  7. Revised vacation & sick time policy — 9% 
  8. UPS label delivery, 1ZBE312TNY00015011 — 9%
  9. Staff review 2017 — 7% 
  10. Company policies - updates to our fraternization policy — 7% 

KnowBe4 also examined "in-the-wild" subject lines that show actual emails users received and reported to their IT departments. The most common are:

  • Microsoft: Re: Important Email Backup Failed 
  • Microsoft/Office 365: Re: Clutter Highlight
  • Wells Fargo: Your Wells Fargo contact information has been updated 
  • Chase: Fraudulent Activity On Your Checking Account – Act Now
  • Office 365: Change Your Password Immediately 
  • Amazon: We tried to deliver your package today 
  • Amazon: Refund - Valid Billing Information Needed 
  • IT: Ransomware Scan
  • Docusign: Your Docusign account is suspended
  • You have a secure message
Next story loading loading..