'Password Check Required'? Not So Fast
The most successful phishing emails tell users to check their passwords or investigate security alerts.
Hackers are exploiting their increasingly security-savvy targets by sending emails disguised with subject lines about security alerts and password verification. Consumers are taking the bait.
For the "Top 10 Global Phishing Email Subject Lines" report for Q2 2018, researchers at KnowBe4 pulled data from simulated phishing tests and real-word phishing emails reported to IT departments. The most successful messages target users' commitment to security as attackers bank on the likelihood such emails will make people feel alarmed or needed.
"Password Check Required Immediately" is the most effective subject line, with 15% of users clicking, followed by "Security Alert" (12%) and "Change of Password Required Immediately" (11%). Other common lines included "A Delivery Attempt was Made" (10%), "Urgent press release to all employees" (10%), and "Deactivation of [[email]] in Process" (10%).
Read more details here.
Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.
About the Author
You May Also Like