Top 10 Phishing Email Subjects: Q1 2022

Each quarter, KnowBe4 - the world’s largest security awareness training and simulated phishing platform - publishes the top-clicked phishing emails by subject lines. The results come from their millions of users reporting real phishing emails. The subjects are categorized into two different categories: those related to social media, general subjects, and 'In the Wild'.

The first category contains email subjects created by KnowBe4 to test their clients’ security posture. ‘In the Wild’ attacks refer to those email subjects that were real phishing emails and not KnowBe4 templates.

Top Clicked Email Subjects

person pointing to their phone next to another person

Top 10 Most-Clicked General Email Subjects in Q1 2022:

  1. HR: New requirements tracking Covid vaccinations

  2. Password Check Required Immediately

  3. HR: Vacation Policy Update

  4. HR: Important: Dress Code Changes

  5. Acknowledge Your Appraisal

Most Common 'In the Wild' Emails in Q1 2022:

  1. IT: Software Update

  2. Google Forms: Your Voice Engagement Survey

  3. Zoom: You missed a Zoom meeting

  4. Project Notice

  5. Dropbox: Updates about your account

Key Takeaways

Holiday Schedule Changes and Gift Notifications Trigger an Emotional Response

  1. This quarter there was an influx in IT and online service notifications that could potentially affect users' daily work. These types of attacks prey on a person's emotions in the hopes they will act on them rather than logically evaluating if the email is real or not.

  2. In the US, most of the subjects have the appearance of coming from the users' own organization. These notifications seem urgent and entice users to click. Adopting a heightened sense of suspicion around emails that trigger an emotional response can end up preventing a detrimental cybersecurity attack.

  3. HR-related messages such as a change in the schedule for the holidays likely piqued interest from employees to see if they would receive an extra day off or shortened work schedule due to the holidays. Remaining vigilant for any type of emails that seem out of the ordinary or contrary to what normal established policies are.

See KnowBe4’s original post.


Kotman Technology has been delivering comprehensive technology solutions to clients in California and Michigan for nearly two decades. We pride ourselves on being the last technology partner you'll ever need. Contact us today to experience the Kotman Difference.

Previous
Previous

Password Maintenance 101

Next
Next

Scan Scams: QR Code Phishing