Gadget

The phishing you fall for

More than a third of people taking part in simulated phishing tests fell for it when they received an urgent message to check a password immediately. KnowBe4, a security awareness training and simulated phishing platform, reported in its Q4 2019 top-clicked phishing report that 39% of users fell for this kind of message.

KnowBe4’s top-clicked social media email subjects reveal that LinkedIn messages are the most popular, at 55%, followed by Facebook, at 28%.

“With more end users becoming security-minded, it’s easy to see how they fall for phishing scams related to changing or checking their passwords,” said Stu Sjouwerman, CEO of KnowBe4. “They should be especially cautious if an email seems too good to be true, such as a giveaway. As identifying phishing attacks from legitimate emails becomes trickier, it’s more important than ever to look for the red flags and think before you click.” 

In Q4 2019, KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. The organisation also reviewed “in-the-wild” email subject lines that show actual emails users received and reported to their IT departments as suspicious. They reported the following results:

Top 10 General Email Subjects

*Capitalization and spelling are as they were in the phishing test subject line.
**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.

When investigating ‘in-the-wild’ email subject lines, KnowBe4 found the most common throughout Q4 2019 included:

*Capitalization and spelling are as they were in the phishing test subject line.
**In-the-wild email subject lines represent actual emails users received and reported to their IT departments as suspicious. They are not simulated phishing test emails.

* For more information, visit www.knowbe4.com.

Exit mobile version