Security News > 2020 > July > Watch out for these subject lines in email phishing attacks
Email phishing attacks work by spoofing or referencing well-known topics that the attackers hope will arouse fear or concern or interest on the part of the recipients.
To compile its "Q2 2020 Top-Clicked Phishing Report," KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests as well as "In-the-wild" email messages that employees received and reported to their IT departments as suspicious.
The templates for the simulated phishing tests, which organizations use to help educate employees, were based on real phishing attacks.
Email phishing attacks with subjects related to COVID-19 remained prevalent last quarter, accounting for 56% of all the subject lines analyzed.
Phishing attacks that exploited Facebook used such subject lines as "Your Friend Tagged a Photo of You" and "Your friend tagged you in photos on Facebook." Campaigns spoofing Twitter tried to entice people with a subject line of "Someone has sent you a Direct Message on Twitter."
News URL
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- European companies hit with effective DocuSign-themed phishing emails (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)