scarabou Posted January 24, 2019 Share Posted January 24, 2019 Users fall for these Email Phishing subjects the most Is phishing still a thing? KnowBe4, a security training company, released details on the top clicked phishing email subjects of the fourth quarter of 2018; in other words: the subject lines that get unsuspecting users to interact with phishing emails the most. The data comes from two sources: simulated phishing emails used by KnowBe4 customers and Phish Alert Button interactions. Phishing is quite the problem on today's Internet. While additional security features such as two-factor authentication may block some attacks dead in their track, it all comes down to users in the end. Attackers invent new ways to trick users. In 2017, they used Punycode domains to make domain names look like the real deal, or Google phishing emails that gave the attacker access to emails and contacts The following email subjects top the list: Password Check Required Immediately/Change of Password Required Immediately 19% Your Order with Amazon.com/Your Amazon Order Receipt 16% Announcement: Change in Holiday Schedule 11% Happy Holidays! Have a drink on us. 10% Problem with the Bank Account 8% De-activation of [] in Process 8% Wire Department 8% Revised Vacation & Sick Time Policy 7% Last reminder: please respond immediately 6% UPS Label Delivery 1ZBE312TNY00015011 6% Several of these subjects are Holiday themed; these will change in the coming quarters. Common themes include shipping and delivery emails, security related emails, company policy emails, and seasonal emails. Passwords and security, as well as email subjects that demand action or are of concern to the user, are commonly used in phishing emails. The company tracks social media email subjects separately. The top list looks like this: LinkedIn email subjects, e.g. Add Me, Join My Network, New Endorsements, Profile Views 39% Facebook email subjects, e.g. Password change or Primary email change. Pizza, e.g. free pizza or anniversary, 10% Motorola login alerts, 9% New Voice Message, 6% Your friend tagged a photo, 6% Your password was successfully reset, 6% Secure your account, 4% You have a new unread message, 3% It is surprising that LinkedIn tops the list and not Facebook. Several security related messages are in the top ten, but most social media email subjects used to phish data focuses on interaction on the service. Closing Words Phishing attacks have evolved over the years; it is no longer enough to push millions of emails with phishing links to users. Attackers create emails that spark user interest or concern, and put effort in creating email subjects that catch a user's attention as these determine whether a user opens the email to read the body content (and interact with it) or not. Most phishing attacks would fall short if users would never click on links in emails. Now You: What is your take on phishing in 2018? Still as much a threat as in 2010? Source Link to comment Share on other sites More sharing options...
Arachnoid Posted January 24, 2019 Share Posted January 24, 2019 Your source link is an email request Link to comment Share on other sites More sharing options...
scarabou Posted January 24, 2019 Author Share Posted January 24, 2019 Sorry. Source link corrected. Link to comment Share on other sites More sharing options...
Karlston Posted January 24, 2019 Share Posted January 24, 2019 Is phishing still a thing? KnowBe4, a security training company, released details on the top clicked phishing email subjects of the fourth quarter of 2018; in other words: the subject lines that get unsuspecting users to interact with phishing emails the most. The data comes from two sources: simulated phishing emails used by KnowBe4 customers and Phish Alert Button interactions. Phishing is quite the problem on today's Internet. While additional security features such as two-factor authentication may block some attacks dead in their track, it all comes down to users in the end. Attackers invent new ways to trick users. In 2017, they used Punycode domains to make domain names look like the real deal, or Google phishing emails that gave the attacker access to emails and contacts. The following email subjects top the list: Password Check Required Immediately/Change of Password Required Immediately 19% Your Order with Amazon.com/Your Amazon Order Receipt 16% Announcement: Change in Holiday Schedule 11% Happy Holidays! Have a drink on us. 10% Problem with the Bank Account 8% De-activation of ((email)) in Process 8% Wire Department 8% Revised Vacation & Sick Time Policy 7% Last reminder: please respond immediately 6% UPS Label Delivery 1ZBE312TNY00015011 6% It is surprising that LinkedIn tops the list and not Facebook. Several security related messages are in the top ten, but most social media email subjects used to phish data focuses on interaction on the service. Closing Words Phishing attacks have evolved over the years; it is no longer enough to push millions of emails with phishing links to users. Attackers create emails that spark user interest or concern, and put effort in creating email subjects that catch a user's attention as these determine whether a user opens the email to read the body content (and interact with it) or not. Most phishing attacks would fall short if users would never click on links in emails. Source: Users fall for these Email Phishing subjects the most (gHacks - Martin Brinkmann) EDIT: Fix some mailto weirdness that turned half the post in to weird links. Link to comment Share on other sites More sharing options...
barca4000 Posted January 24, 2019 Share Posted January 24, 2019 Phishing Mails are getting quite convincing, like the other day i got a mail from an weird id (....@noreply-yybusiness) with subject line as Confirmation of payment on a apple product with an docx imbibed malware file. The most uncanny part of the mail was the "To" column, they have pasted : [email protected],[email protected] to make the mail look legit and to top it all off my free email provider prompted that the mail had originated from Apple Payment even thought it's clearly not. Link to comment Share on other sites More sharing options...
Reefa Posted January 24, 2019 Share Posted January 24, 2019 @scarabou Thread moved from software chat and merged... Link to comment Share on other sites More sharing options...
noor Posted January 25, 2019 Share Posted January 25, 2019 Yes, they are becoming trickier. Fell for one a few years ago. Hope never again. Link to comment Share on other sites More sharing options...
straycat19 Posted January 25, 2019 Share Posted January 25, 2019 A friend who worked for IBM many years ago on their MainFrames and who is a little geeky but outdated, just related an incident that happened to him the other day. He received an email supposedly from Amazon that thanked him for his purchase and listed a price and item. He knew he hadn't bought anything and when asked his wife hadn't either, so he panicked and called Amazon. He was told to forward the email to them but was so concerned he also had all his credit card information removed from his Amazon account. I assured him there was nothing to worry about but that he should get a credit card with one of the companies I use since every charge made on the card creates a text message and an email notifying me of the charge. If it is with a company I don't deal with frequently then I get a text message and an email to which I have to respond with CONFIRM or DENY for the charge. I had a card about 20 years ago that was hacked and the immediate indication was a $1 donation to the Red Cross, things like this are used to test the validity of the card. Unfortunately for the thieves it also triggered a notification and within minutes the card was cancelled before other charges could be made. I have a lot of official email accounts with agencies/organizations that I have worked with in the past and some of them have attracted a lot of spam. Some are really realistic, such as one I got from me to me that said my account had been hacked and if I didn't pay a ransom my account would be deleted. I traced the email and it looked authentic, going thru Microsoft 365 servers and so on, until I got to the originating IP, which was located in China. I knew my account had not been hacked. I check my passwords on the HIBP password database and not one of my 127 active passwords are in their database. Some of my email addresses are in the HIBP database but that means nothing because some of them are ancient and I even checked the passwords I used for them back then and they aren't in the database. I use to keep my various login account information in an encrypted excel spreadsheet, but with the advent of programs like 1Password and Keepass it has become much easier to formulate and use long weird passwords. Link to comment Share on other sites More sharing options...
Arachnoid Posted January 25, 2019 Share Posted January 25, 2019 On 1/24/2019 at 2:11 PM, scarabou said: Sorry. Source link corrected. It seemed quite funny considering the main content Link to comment Share on other sites More sharing options...
scarabou Posted January 26, 2019 Author Share Posted January 26, 2019 9 hours ago, Arachnoid said: It seemed quite funny considering the main content Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.