“When we compare the results of phishing emails in the United States with those in Europe, the Middle East and Africa (EMEA), the subjects of the emails in the United States seem to come from organizations where the users and target password security warnings and internal policy changes,” said Stu Sjouwerman, CEO of KnowBe4. “subject lines seem to be more personalized to entice the user to click.”
As expected, during the fourth quarter of 2021 KnowBe4 saw holiday-related phishing email topics, particularly about shopping during the holiday season.
The most common phishing email subjects have also been broken down to allow comparison between the US and EMEA. In Q4 2021, KnowBe4 reviewed tens of thousands of subject lines from simulated phishing tests. The organization also looked at the subject lines of emails that users actually received and reported to their IT department as suspicious. The results are below.
The most common phishing email subjects:
United States
- Password verification required immediately
- Important: Dress code changes
- Vacation Policy Update
- Important Social Media Policy Change
- Amazon employee discounts for your holiday shopping
EMEA
- Accept invitation – Staff meeting via Teams
- Employee Portal – Timesheet not submitted
- Attachment attached for your review
- Immediate password verification required
- [[company_name]]Invoice
*Capitalization and spelling are the same as the Phishing Test subject line.
**Email subject lines are a combination of simulated phishing patterns created by KnowBe4 for customers and custom tests designed by KnowBe4 customers.
Common “in the wild” attacks:
- IT: registration in the cloud
- Special Project Information
- You have new messages
- Teams events
- Microsoft: Receiving a Private Shared Document
*Capitalization and spelling are the same as the Phishing Test subject line.
**The “in the wild” email subject lines are real emails that users have received and reported to their IT departments as suspicious. These are not simulated phishing test emails.
For more information on KnowBe4, visit http://www.knowbe4.com.
About KnowBe4
KnowBe4, provider of the world’s largest security awareness training and phishing simulation platform, is used by over 30,000 organizations worldwide. KnowBe4 was founded by IT and data security specialist Stu Sjouwerman and helps organizations manage the human element of security. It does this by raising awareness of ransomware, CEO fraud, and other social engineering tactics through a new approach to security awareness training. Kevin Mitnick, an internationally renowned cybersecurity specialist and Chief Hacking Officer of KnowBe4, helped develop the KnowBe4 training based on his well-researched social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to engage their end users as their last line of defense.