Q1 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]

5357343Every quarter, KnowBe4 reports on the top-clicked phishing emails by subject lines in three categories: Social, General, and ‘In the Wild’. The latter category results come from the millions of users that click on our Phish Alert Button to report real phishing emails and allow our team to analyze the results.

Social Media Is Now A Part Of Everyday Business

A major trend this quarter is that half of all social media-related subjects looked like they were coming from LinkedIn. We’ve seen this particular message type trending upward quarter over quarter, which is significant because many LinkedIn users have their accounts tied to their corporate email addresses.

Such a high percentage increases corporate risk of a phishing attack, ransomware breach or other social engineering-related threat. Social media sites in general are a crucial piece in the cybercrime economy. According to recent research from Bromium, cybercriminals earn at least $3.25B per year from social media-enabled cybercrime.

As tempting as it may be to click in emails to see who viewed your profile or who wants to connect, it’s more important than ever to think before you click and log in to your account directly.

Hacker’s Tap Into Emotions, Causing Panicked Reactions

Aside from social media-related messages, a lot of subject lines contained phrases like de-activation of email, failed delivery and action required to elicit a sense of urgency from the user. These types of attacks are effective because they cause a person to react without thinking logically about the legitimacy of the email. Notices about delivery attempts, Amazon orders, and HR-related messages also prove to bee too enticing to ignore for many users.

See the Infographic with All Top Messages in Each Category for Last Quarter:


Click here to download the full infographic (PDF) Great to share with your users!

Top-Clicked Social Media Related Subjects in Q1 2019:

  • LinkedIn: Join my network, Profile Views, Add me to your network, New InMail Message
  • Facebook: Password Change, Primary email changed
  • Login alert for Chrome on Motorola Moto X
  • Your password was successfully reset
  • New voice message at 1:23AM
  • Your Friend Tagged a Photo of You

Top 10 Most-Clicked General Email Subjects in Q1 2019:

  1. De-activation of [[email]] in Process
  2. A Delivery Attempt was made
  3. You Have A New Voicemail
  4. Failed Delivery for Package #5357343
  5. Staff Review 2018
  6. Revised Vacation & Sick Time Policy
  7. APD Notification
  8. Your Order with Amazon.com
  9. Re: w-2
  10. Scanned image from MX2310U@[[domain]]

Most Common ‘In the Wild’ Attacks in this period were:

  • Wells Fargo: You have a new secure mail
  • Undelivered Mail
  • Etrade: Action Required!
  • Microsoft Teams: Rick sent a message
  • Microsoft/Office 365: Action required: Update your payment information now
  • Stripe: Just now someone logged in to your account
  • HR: Your Action Required
  • Amazon: Refund Notification
  • OneDrive: Your OneDrive is out of storage space
  • HR: Download your W2 now

    *Capitalization and spelling are as they were in the phishing test subject line.
    **Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.

New-school security awareness training for your whole organization is as important as ever.

** Optrics Inc. is an Authorized KnowBe4 partner

Find out how affordable new-school security awareness training is for your organization. Get a quote now.

The original article can be found here:


Leave a Reply