Biter Beware: Top Phishing Subject Lines

11/27/2019

Phishing Email ScamsEmail phishing scams, which began in earnest against AOL users in the 1990s, today account for 90% of all data breaches, according to Verizon's latest report on the subject. And despite employers best efforts to train and educate workers, users who get phished still open roughly one-third of all such messages. Hackers commonly bait and reel-in users by combining emotion-fear, urgency, curiosity-with familiar topics such as shopping, document review and credential management. Financially motivated ploys are also quite common. Notably, many phishing subject lines are short and non-specific-often one to four words-illustrating thieves' understanding of busy peoples' preference for quick, informal communications. Moreover, lines that explicitly direct the reader to take some action are clicked on significantly more than others. Here are some of 2019's most prevalent and effective phishing subject-line topics and terms, according to cybersecurity website, Dark Reading.

  1. Shopping: "Amazon: Your Order #xxxxx Has Arrived." Rather than refer to a specific package arrival (nearly impossible), the message may refer to a bogus tracking number or receipt. A string of numeric characters aids in bypassing company spam filters. There may also be a malicious attachment, which launches an infection or device takeover when clicked.
  2. Document review. Macro-laden spreadsheets and other productivity suite documents continue to be an effective and widely used attack vector. Crooks know that exchanging such documents is common among work teams, even in a small company. So, they leverage the practice to kick-off their assault.
  3. Credential management. Unfortunately, forms of "verify your account" and "warning--authorized login attempt" have proven very effective at getting unsuspecting users to click. "This approach has less to do with direct financial gain and more to do with credential theft," observes one expert in the Dark Reading article. A stolen login gives crooks a foothold inside the targeted network.
  4. Financially motivated. "Bank of xxxx" or "New Notification." This type of subject line, usually aimed at executives, often precedes an urgent funds-transfer appeal or pressing request on some other financial matter. In a large-scale study from phishing-solutions provider, Cofense, "invoice" was detected in six of ten subject lines of the most-clicked phishing emails. Other header terms users found irresistible included some variation of "payment remittance" and "statement." If you need help with cybersecurity strategy or training, contact TeamLogic IT today.