The most popular subject line in phishing emails is... no subject line, according to Expel’s Quarterly Threat Report Q1 2022.
The study lists the most-used subject lines as follows:
Separately, the report says than 57% of all Q1 incidents were business email compromise (BEC) attempts in Microsoft Office 365. None were in Google Workspace or accounts with FIDO security keys.
In addition, 24% of Expel’s clients experienced at least one BEC attempt in O365. Two percent of these bypassed multi-factor authentication.
There was a spike in BEC targeting during Valentine’s Day week.
Of the attacks seen, 22% were opportunistic attempts to deploy commodity malware or a pre-ransomware downloader.
In addition, 45% of attempts to enter a compromised 0365 account originated from IP addresses associated with VPN services, and 55% from IP addresses connected to an internet service provider.
Business application compromises accounted for 6% of incidents, with 7% in Okta sending Duo push notifications to the victim until they accepted.
Expel also reports that 3% of incidents resulted from “misconfigurations and exposed long-term credentials in Amazon Web Services and Google Cloud Platform.
Retail was the biggest BEC target, with financial services second. Next were nonprofits, entertainment and staffing.
The least likely targets were insurance and utilities.