• by Ray Schultz , October 18, 2022

Here’s a crash course for copywriters on email subject lines that work. Of course, they are fraudulent spam headlines concocted by security firm KnowBe4 and they would probably land you in the slammer if you tried to use them. 

But in the interest of sharing email tactics that work, here are the top ten of the most-clicked phishing tests: 

1. Equipment and Software Update
2. Mail Notification: You have 5 Encrypted Messages
3. Amazon’: Amazon – delayed shipping
4. Google: Password Expiration Notice 
5. Action required: Your payment was declined
6. Wells Fargo: Transfer Completed
7. DocuSign: Please review and sign your document
8. IT: IT Satisfaction Survey
9. Zoom [[manager_name]] has sent you a message via Zoom Message Portal 
10. Microsoft: Microsoft account security code 

On another front, here are the top subjects for phishing emails that mimic internal emails, and their percentages of the total:

• Google: You were mentioned in a document: “Strategic Plan Draft” — 17% 
• HR: Important: Dress Code changes —  15% 
• HR: Vacation Policy Update — 14% 
• Adobe Sign: Your Performance Review — 11% 
• Password Check Required Immediately — 11%
• Acknowledge Your Appraisal — 7% 
• IT: Internet Report — 7% 
• Main points from today’s meeting — 6% 
• USAA: Account Suspension — 6% 
• Employee Expense Reimbursement for [[email]] — 6%

In addition, KnowBe4 has identified the top 5 attack vectors with its phishing security tests: 

• Link — Phishing Hyperlink in the Email 
• Spoofs domain — Appears to come from the User’s Domain 
• PDF Attachment — Email Contains a PDF Attachment 
• Branded — Phishing Test Link Has User’s Organization Logo and Name
• Credentials Landing Page — Phishing Link Directs User to Data Entry or Login Landing Page