Want to scam people, or install some malware? Here are the subject lines that were most used in tests in Q4 of 2019, courtesy of security training firm KnowBe4.
Approaching SharePoint Site Storage Limit
- Microsoft: Anderson Hauck has shared a Whiteboard with you
- Office 365: Medium-severity alert: Unusual volume of file deletion
- FedEx: Correct address needed for your package delivery on [[current_date_0]]
- USPS: Your digital receipt is ready
- Twitter: Your Twitter account has been locked
- Google: Please Complete the Required Steps
- Cash App: Your Account Has Been Closed
- Coinbase: Important Please Resolve Error Now
- Would you mind taking a look at this
KnowBe4 studied tens of thousands of subject lines from simulated phishing tests, along with ‘in-the-wild’ subject lines from actual emails that people
received and reported to their IT departments.
The most popular subjects were these:
- Change of Password Required Immediately—26%
- Microsoft/Office 365:
De-activation of Email in Process--14%
- Password Check Required Immediately—13%
- HR: Employees Raises—8%
- Dropbox: Document Shared With You—8%
- IT: Scheduled Server Maintenance—No Internet Access 7%
- Office 365: Change Your Password Immediately—6%
- Avertissement des RH au sujet de l’usage des
- Airbnb: New device login—6%
- Slack: Password Reset for Account—6%
KnowBe4 also reports that 39% of users have falling for
simulated phishing tests saying a password should be checked immediately.
The most-clicked social media subject lines referenced LinkedIn (55%) and Facebook (28%).
Email users should
be “especially cautious if an email seems to good to be true, such as a giveaway,” states Stu Sjouwerman, CEO of KnowBe4.
Sjouwerman adds: “As identifying phishing attacks
from legitimate emails becomes trickier, it’s more important than ever for end users to look for the red flags and think before they click.”