Simulated phishing tests with an urgent message to check a password immediately were the most effective when it comes to cyber-crime, with 43% of users falling for it.
This is one of the findings from KnowBe4’s Q3 2019 top-clicked phishing report.
Social media messages are another area of concern when it comes to phishing. The top-clicked social media email subjects reveal that LinkedIn messages are the most popular at 48%, followed by Facebook at 37%.
“As cybersecurity threats persist, more and more end users are becoming security-minded,” says Stu Sjouwerman, CEO of KnowBe4. “They have a vested interest in protecting their online lives, so a message that sounds urgent related to their password can entice someone to click.
“The bad guys are always looking for clever ways to trick end users, so they need to remain vigilant.”
KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. The organisation also examined “in-the-wild” email subject lines that show actual emails users received and reported to their IT departments as suspicious.
The top 10 most-clicked general email subject lines globally for Q3 2019 include:
* Password Check Required Immediately
* A Delivery Attempt was made
* De-activation of [[email]] in Process
* New food trucks coming to [[company_name]]
* Updated Employee Benefits
* Revised Vacation & Sick Time Policy
* You Have A New Voicemail
* New Organizational Changes
* Change of Password Required Immediately
* Staff Review 2018
When investigating “in-the-wild”email subject lines, KnowBe4 found the most common throughout Q3 2019 included:
* Skype: New Unread Voicemail Message
* Transaction Refund
* [[NAME]] shared a document with you
* Microsoft Teams: Please authenticate your account
* Bonus payments for selected employees
* Cisco Webex: Your account is blocked
* Amazon: Billing Address Mismatch
* USPS: High Priority Package: Track it now!
* Verizon: Security Update
* Adobe Cloud: Shared a file with you on Adobe Cloud.