'Password Check Required'? Not So Fast

The most successful phishing emails tell users to check their passwords or investigate security alerts.

Dark Reading Staff, Dark Reading

July 25, 2018

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Hackers are exploiting their increasingly security-savvy targets by sending emails disguised with subject lines about security alerts and password verification. Consumers are taking the bait.

For the "Top 10 Global Phishing Email Subject Lines" report for Q2 2018, researchers at KnowBe4 pulled data from simulated phishing tests and real-word phishing emails reported to IT departments. The most successful messages target users' commitment to security as attackers bank on the likelihood such emails will make people feel alarmed or needed.

"Password Check Required Immediately" is the most effective subject line, with 15% of users clicking, followed by "Security Alert" (12%) and "Change of Password Required Immediately" (11%). Other common lines included "A Delivery Attempt was Made" (10%), "Urgent press release to all employees" (10%), and "Deactivation of [[email]] in Process" (10%).

Read more details here.

Horizontal-334031_BH_US18_banners_468x60_non_1.png

 

 

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights