KnowBe4, the world’s most popular platform for simulated phishing attacks, reports quarterly on the latest top-clicked phishing email subjects so you know what the highest-risk fake emails are. That way you help your last line of defense, YOUR STAFF, protect against the most common social engineering attacks.
Social Media Is Now A Part of Everyday Business
A major trend this quarter is that half of all social media-related subjects looked like they were coming from LinkedIn. We've seen this particular message type trending upward quarter over quarter, which is significant because many LinkedIn users have their accounts tied to their corporate email addresses.
As tempting as it may be to click links in emails to see who viewed your profile or who wants to connect, it's more important than ever to think before you click and to log in to your account directly instead.
Hackers Tap Into Emotions, Causing Panicked Reactions
Aside from social media-related messages, a lot of subject lines contained phrases like "de-activation of email," "failed delivery" and "action required" to elicit a sense of urgency from the user. These types of attacks are effective because they cause a person to react without thinking logically about the legitimacy of the email. Notices about delivery attempts, Amazon orders, and HR-related messages also prove to be too enticing to ignore for many users.
How Can This Help Your Organization?
Armed with this data, we can set up phishing campaigns using templates related to these subjects to strengthen your human firewall.
You can even target specific groups, departments, and/or individuals with phishing emails of different maturity levels. That can allow security leaders to inject training at a maturity level that is most likely to help each group – and it also allows for some gamification.
Visit https://www.pinkhattech.com/phishing-security-tests/ for more information and to request a quote.
Read the original article at https://blog.knowbe4.com/