Cybersecurity Phishing

LinkedIn Tops in Phishing Clickbait at 42%

KnowBe4, revealed the results of its top-clicked phishing report that found that phishing email attacks messages relating to COVID-19 totalled at 56% of the time, in Q2 2020.

Social media messages are another major area of concern when it comes to phishing as illustrated in the chart below, where LinkedIn came up tops (at 42%) being the most frequent source of phishing emails subject, followed by Facebook (at 21%).

In Q2 2020, KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. The organisation also reviewed ‘in-the-wild’ email subject lines that show actual emails users received and reported to their IT departments as suspicious. The results are below.

Top 10 General Email Subjects

  • Password Check Required Immediately
  • Vacation Policy Update
  • Branch/Corporate Reopening Schedule
  • COVID-19 Awareness
  • Coronavirus Stimulus Checks
  • List of Rescheduled Meetings Due to COVID-19
  • Confidential Information on COVID-19
  • COVID-19 – Now airborne, Increased community transmission
  • Fedex Tracking
  • Your meeting attendees are waiting!

When investigating ‘in-the-wild’ email subject lines, KnowBe4 found the most common throughout Q2 2020 included:

  • Microsoft: Abnormal log in activity on Microsoft account
  • Chase: Stimulus Funds
  • HR: Company Policy Notification: COVID-19 – Test & Trace Guidelines
  • Zoom: Restriction Notice Alert
  • Jira: [JIRA] A task was assigned to you
  • HR: Vacation Policy Update
  • Ring: Karen has shared a Ring Video with you
  • Workplace: [[company_name]] invited you to use Workplace
  • IT: ATTENTION: Security Violation
  • Earn money working from home.

KnowBe4, is the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 33,000 organisations around the globe.

(This content is surmised from a press release)