The Most-Clicked Phishing Subject Lines: Analysis

Phishing emails that attempt to victimize people working at home are on the rise, judging by the Q4 2020 phishing report from security training firm KnowBe4. 

Messages that focus on social media are the biggest category, and LinkedIn-related phishing messages account for 47% of those. 

In an analysis of test subject lines, KnowBe4 lists these as the most popular:

  • Password Check Required Immediately 
  • Touch base on meeting next week 
  • Vacation Policy Update 
  • COVID-19 Remote Work Policy Update 
  • Important: Dress Code Changes 
  • Scheduled Server Maintenance -- No Internet Access 
  • De-activation of [[email]] in process 
  • Please review the leave law requirements 
  • You have been added to a team in Microsoft Teams 
  • Company Policy Notification: COVID-19 - Test & Trace Guidelines.

The company notes that the email subject lines are a combination of simulated phishing templates created by KnowBe4 for clients and custom tests designed by KnowBe4 customers.

Among “in-the-wild” subject lines, the most common included:

  • IT: Annual Asset Inventory 
  • Changes to your health benefits 
  • Twitter: Security alert: new or unusual Twitter login 
  • Amazon: Action Required | Your Amazon Prime Membership has been declined 
  • Zoom: Scheduled Meeting Error 
  • Google Pay: Payment sent 
  • Stimulus Cancellation Request Approved 
  • Microsoft 365: Action needed: update the address for your Xbox Game Pass for Console subscription 
  • RingCentral is coming! 
  • Workday: Reminder: Important Security Upgrade Required 

"It's no surprise that phishing attacks related to working from home are increasing given that many countries around the world have seen their employees working from home offices for nearly a year now," states Stu Sjouwerman, CEO, KnowBe4. 

Sjouwerman adds, "Just because employees may be more used to their home office environment doesn't mean that they can let their guard down."

