Want to scam people, or install some malware? Here are the subject lines that were most used in tests in Q4 of 2019, courtesy of security training firm KnowBe4.
- SharePoint:
Approaching SharePoint Site Storage Limit
- Microsoft: Anderson Hauck has shared a Whiteboard with you
- Office 365: Medium-severity alert: Unusual volume of file deletion
- FedEx: Correct address needed for your package delivery on [[current_date_0]]
- USPS: Your digital receipt is ready
- Twitter: Your Twitter account has been locked
- Google: Please Complete the Required Steps
- Cash App: Your Account Has Been Closed
- Coinbase: Important Please Resolve Error Now
- Would you mind taking a look at this
invoice?
KnowBe4 studied tens of thousands of subject lines from simulated phishing tests, along with ‘in-the-wild’ subject lines from actual emails that people
received and reported to their IT departments.
The most popular subjects were these:
- Change of Password Required Immediately—26%
- Microsoft/Office 365:
De-activation of Email in Process--14%
- Password Check Required Immediately—13%
- HR: Employees Raises—8%
- Dropbox: Document Shared With You—8%
- IT: Scheduled Server Maintenance—No Internet Access 7%
- Office 365: Change Your Password Immediately—6%
- Avertissement des RH au sujet de l’usage des
ordinateurs personnels—6%
- Airbnb: New device login—6%
- Slack: Password Reset for Account—6%
KnowBe4 also reports that 39% of users have falling for
simulated phishing tests saying a password should be checked immediately.
The most-clicked social media subject lines referenced LinkedIn (55%) and Facebook (28%).
Email users should
be “especially cautious if an email seems to good to be true, such as a giveaway,” states Stu Sjouwerman, CEO of KnowBe4.
Sjouwerman adds: “As identifying phishing attacks
from legitimate emails becomes trickier, it’s more important than ever for end users to look for the red flags and think before they click.”