Top-Clicked Phishing Email Subjects: Q1 2020

Each quarter, KnowBe4 - the world’s largest security awareness training and simulated phishing platform - publishes the top-clicked phishing emails by subject line. The results come from their millions of users reporting real phishing emails. The subjects are grouped into three categories: those related to social media, general subjects, and 'In the Wild'.

The first two categories contain email subjects created by KnowBe4 to test their clients’ security posture. 'In the Wild' refers to subjects taken from real phishing emails rather than from KnowBe4 templates.

Top Clicked Email Subjects

Social Media Related Subjects: 

  • LinkedIn: Profile Views, Add me to your network, Security Update

  • Your friend tagged you in photos on Facebook

  • Login alert for Chrome on Motorola Moto X

  • Your password was successfully reset

  • Someone may have accessed your account

  • Someone has sent you a Direct Message on Twitter!

  • New voice message at 1:23AM

General Email Subjects: 

  • Password Check Required Immediately

  • CDC Health Alert Network: Coronavirus Outbreak Cases

  • PTO Policy Changes

  • Scheduled Server Maintenance -- No Internet Access

  • Test of the [[company_name]] Emergency Notification System

  • Revised Vacation & Sick Time Policy

  • De-activation of [[email]] in Process

  • Please Read Important from Human Resources

  • Someone special sent you a Valentine's Day ecard!

  • You have been added to a team in Microsoft Teams

Most Common 'In the Wild' Attacks in this period:

  • List of Rescheduled Meetings Due to COVID-19

  • SharePoint: Coronavirus (COVID-19) Tax Cut Document

  • Confidential Information on COVID-19

  • IT: Work from home - VPN connection

  • Comcast: Notification from Carl Vargas

  • Microsoft: Your meeting will begin soon

  • HR: New Employee Stock Purchase Plan

  • Vodafone: Caller Alert: Msg Received Today

  • Amazon Chime: Vonage invites you to join vonage_303136

  • Parking Authority: Parking Ticket: Pay Charge

Key Takeaways

  1. Coronavirus-related phishing email attacks are up 600%. The second most popular message of the entire quarter was a fake CDC alert about Coronavirus cases. Cybercriminals are preying on heightened stress, distraction, urgency, curiosity, and fear to get people to react before thinking logically about whether or not an email is legit.

  2. LinkedIn messages dominate the top social media email subjects. Other emails containing security-related warnings create a sense of urgency that convinces people to click their links. 

  3. Security and HR-related messages that could potentially affect an employee's daily work continue to be effective, especially during this time with so much uncertainty surrounding work.


Kotman Technology has been delivering comprehensive technology solutions to clients in California and Michigan for nearly two decades. With a customer retention of over 98%, we pride ourselves on being the last technology partner you'll ever need. Contact us today to experience the Kotman Difference.
