Password-related phishing emails are catch users hook, line and sinker

‘Urgent’ phishing emails pushing users to check their passwords attracted the most clicks in quarter four (Q4) 2019, according to a recent study.

The study, conducted by US cybersecurity firm KnowBe4, sought to determine which subject lines would draw the most clicks in their simulated phishing tests for Q4 2019. The company examined tens of thousands of simulated email subject lines during the study and also reviewed real-world subject lines that email users had received and reported to their IT departments as suspicious, KnowBe4 said.

According to the study, 39% of users fell for messages urging them to check their passwords. It follows similar results in quarters two and three, with password checking-related messages snaring 35% and 43% of users respectively, according to KnowBe4.  

“Social media messages are another area of concern when it comes to phishing”, KnowBe4 said. Of social media-related email subjects, people were most likely to click LinkedIn and Facebook messages.

“With more end users becoming security-minded, it’s easy to see how they fall for phishing scams related to changing or checking their passwords,” KnowBe4 CEO Stu Sjouwerman said. 

“They should be especially cautious if an email seems to good to be true, such as a giveaway. As identifying phishing attacks from legitimate emails becomes trickier, it’s more important than ever for end users to look for the red flags and think before they click.”

The top-clicked simulated general email subjects included “Change of Password Required Immediately”, “Microsoft/Office 365: Deactivation of Email in Process”, “Password Check Required Immediately”, “HR: Employees Raises”, “Dropbox: Document Shared With You”, “IT: Scheduled Server Maintenance – No Internet Access” and “Office 365: Change Your Password Immediately”, KnowBe4 reported.

“SharePoint: Approaching SharePoint Site Storage Limit”, “Microsoft: Anderson Hauck has shared a Whiteboard with you”, “Office365: Medium-severity alert: Unusual volume of file deletion”, “FedEx: Correct address needed for your package delivery on [[current_date_0]]” and “USPS: Your digital receipt is ready” were among the most common real-world subject lines seen in Q4 2019. Others included “Twitter: Your Twitter account has been locked”, “Google: Please Complete the Required Steps”, “Cash App: Your Account Has Been Closed”, “Coinbase: Important Please Resolve Error Now” and “Would you mind taking a look at this invoice”, KnowBe4 warned.

Subject lines’ capitalisation and spelling mirror what was seen in the simulated and real-world phishing tests, the company added.

Image credit: ©stock.adobe.com/au/weerapat1003