Top-Clicked Phishing Email Subjects: Q2 2020

Each quarter, KnowBe4 - the world’s largest security awareness training and simulated phishing platform - publishes the subject lines of the top-clicked phishing emails. The results come from their millions of users reporting real phishing emails. The subjects fall into three categories: those related to social media, general subjects, and 'In the Wild'.

The first two categories contain email subjects created by KnowBe4 to test their clients’ security posture. ‘In the Wild’ attacks are email subjects taken from real phishing emails rather than KnowBe4 templates.

Top Clicked Email Subjects

Social Media Related Subjects: 

  1. People are looking at your LinkedIn profile

  2. You appeared in new LinkedIn searches this week

  3. Please add me to your LinkedIn Network

  4. LinkedIn Password Reset

  5. Your friend tagged you in photos on Facebook

  6. Your friend tagged a photo of you on Facebook

  7. Someone has sent you a Direct Message on Twitter

  8. Login alert for Chrome on Motorola Moto X

  9. New voice message at 1:23AM

  10. 55th Anniversary and Free Pizza

General Email Subjects: 

  1. Password Check Required Immediately

  2. Vacation Policy Update

  3. Branch/Corporate Reopening Schedule

  4. COVID-19 Awareness

  5. Coronavirus Stimulus Checks

  6. List of Rescheduled Meetings Due to COVID-19

  7. Confidential Information on COVID-19

  8. COVID-19 - Now airborne, Increased community transmission

  9. Fedex Tracking

  10. Your meeting attendees are waiting!

Most Common 'In the Wild' Attacks in this period:

  1. Microsoft: Abnormal log in activity on Microsoft account

  2. Chase: Stimulus Funds

  3. HR: Company Policy Notification: COVID-19 - Test & Trace Guidelines

  4. Zoom: Restriction Notice Alert

  5. Jira: [JIRA] A task was assigned to you

  6. HR: Vacation Policy Update

  7. Ring: Karen has shared a Ring Video with you

  8. Workplace: [[company_name]] invited you to use Workplace

  9. IT: ATTENTION: Security Violation

  10. Earn money working from home

Key Takeaways

  1. Phishing emails that look like they are coming from LinkedIn have been at the top of the list since KnowBe4 began tracking these in 2017. There is likely a perception that these emails are legitimate because they appear to be coming from a professional network. It's a significant problem because many LinkedIn users have their accounts tied to their corporate email addresses. 

  2. Phishing email attacks related to COVID-19 remained frequent in Q2 2020. Across the entire second quarter, simulated phishing tests with a message related to the coronavirus were the most popular, with a total of 56%.

  3. Cybercriminals are preying on heightened stress, distraction, urgency, curiosity, and fear in users brought on by the pandemic and working from home. These types of attacks are effective because they cause a person to react before thinking logically about the legitimacy of the email.

See KnowBe4’s original post.


Kotman Technology has been delivering comprehensive technology solutions to clients in California and Michigan for nearly two decades. With a customer retention of over 98%, we pride ourselves on being the last technology partner you'll ever need. Contact us today to experience the Kotman Difference.
