Consumers are worried about cyber security -- so much so that they are opening phishing emails designed to exploit that fear. When will they learn?
KnowBe4 studied tens of thousands of email subject lines from simulated phishing tests, and found that email users are falling for lines that play on “human emotions by causing feelings of alarm or curiosity,” states Perry Carpenter, chief evangelist and strategy officer, KnowBe4.
The tests included insidious simulated phishing templates created by KnowBe4 for clients and custom email designed by clients.
Here are the most clicked-on phishing test subject lines in the third quarter:
KnowBe4 also studied “wild west” subject lines from emails that were actually received and reported to company IT departments. Here are the top ten:
"Hackers are leveraging an individual’s desire to remain security minded or well informed by playing into his/her psyche," Carpenter says. "They do this by making someone believe they are at risk or that something needs immediate attention."
Carpenter adds, "These types of attacks are effective because they cause a person to simply react before thinking logically about the legitimacy of the email."
The antidote? Training, KnowBe4 says.