Cyber criminals use phishing to obtain sensitive information such as usernames, passwords and credit card details. A phishing email is designed to look like it’s come from a trustworthy source but contains malicious links or attachments.
Phishing is popular with cyber criminals, as it is easier to trick someone into clicking a malicious link in what appears to be a legitimate email than trying to hack into a computer or IT system.
Webroot recently scanned thousands of phishing emails from the past 18 months to identify the most common subject lines designed to trick recipients. To help you avoid becoming a phishing victim, here are the seven most prevalent phishing email subject lines.
1. ‘Assist Urgently’
To encourage the recipient to act quickly without fully thinking, attackers convey a sense of immediacy. Employees don’t want to risk being in trouble by not doing something.
Money is a motivator, so attackers use that to their advantage. ‘Statement’ and ‘Payment’ are also popular.
3. ‘Bank of [name of bank]’, ‘Notification [associated with said bank]’
Phishing emails that contain “Bank of’ in the subject often target senior-level staff members. To appear more credible they may contain the name of the recipient’s bank and follow a similar messaging style to that bank.
4. ‘Verify Your Account’
This subject line is common in credential theft. Attackers use this type of email to collect usernames and passwords enabling them access into a target network.
5. ‘Copy’ or ‘Document Copy’
Attachments are a favourite way to spread a virus. Receiving attachments via email is common, and the short subject title reflects the fact that modern business communication is relatively informal.
6. ‘Action Required: Pay your seller account balance’
Surprisingly, people often to respond to emails that tell them to do something in the subject.
7. ‘AMAZON: Your Order no #812-4623 might ARRIVED’
People who frequently shop on Amazon will respond to emails like these to see which order it’s referring to, or remind themselves of what they purchased. These types of emails increase during the holiday season when people are shopping more online.
How To Avoid A Phishing Email Scam
- Educate your employees and use mock phishing emails to test them.
- Use a spam filter on your email system.
- Keep your IT systems up to date with security patches and updates.
- Install antivirus software.
- Use a web filter to block malicious websites.
If you have any concerns about phishing or cyber security, please contact us on 01392 207194.