Top-Clicked Phishing Email Subjects: Q1 2021

Each quarter, KnowBe4 - the world’s largest security awareness training and simulated phishing platform - publishes the top-clicked phishing emails by subject lines. The results come from their millions of users reporting real phishing emails. The subjects are categorized into two different categories: those related to social media, general subjects, and 'In the Wild'.

The first category contains email subjects created by KnowBe4 to test their clients’ security posture. ‘In the Wild’ attacks refer to those email subjects that were real phishing emails and not KnowBe4 templates.

Top Clicked Email Subjects

gmail loading screen

Top 10 Most-Clicked General Email Subjects in Q1 2021: 

  1. Password Check Required Immediately

  2. Revised Vacation & Sick Time Policy

  3. COVID-19 Remote Work Policy Update

  4. COVID-19 Vaccine Interest Survey

  5. Important: Dress Code Changes

  6. Scheduled Server Maintenance -- No Internet Access

  7. De-activation of [[email]] in Process

  8. Test of the [[company_name]] Emergency Notification System

  9. Scanned image from MX2310U@[[domain]]

  10. Recent Activity Report

Most Common 'In the Wild' Attacks in Q1 2021:

  1. Microsoft 365: Scheduled Server Backup

  2. IT: IT-Help Ticket Survey Invitation

  3. Warning: Your E-mail account has just sent 260 E-Mails

  4. Amazon Prime: Action required - Card on file has been declined

  5. License Update

  6. Google: Take action to secure your compromised passwords

  7. Apple: Prize winner! We need your confirmation

  8. Zoom: You missed a Zoom meeting

  9. HR: Your payroll details needs updating

  10. Facebook: Important message regarding your Facebook profile

Key Takeaways

  1. Phishing email attacks leveraging COVID-19 were on every quarterly report in 2020, but those subjects aren't as successful a year later. 

  2. Emails purporting to come from HR and security-related notifications are now on the rise. Cybercriminals tend to stick with whatever scams currently work. In Q1, nearly a third of the users who fell for a phishing email clicked on one related to a password check.

See KnowBe4’s original post.


Kotman Technology has been delivering comprehensive technology solutions to clients in California and Michigan for nearly two decades. With a customer retention of over 98%, we pride ourselves on being the last technology partner you'll ever need. Contact us today to experience the Kotman Difference.

Previous
Previous

New Phishing Attacks Bypass Secure Email Gateways

Next
Next

Got Certs? Our Team Does.