Phishing works and the 'phishermen' are getting better with baiting their hooks. Your employees are biting. Business phishing emails are the most clicked subject category across the world. These range from messages purporting to be from internal organizational departments, to external requests for information that convey a sense of urgency and entice users to take an action.
Here are the top 10 'in the wild' attacks:
Equipment and Software Update
Mail Notification: You have 5 Encrypted Messages
Amazon: Amazon - delayed shipping
Google: Password Expiration Notice
Action required: Your payment was declined
Wells Fargo: Transfer Completed
DocuSign: Please review and sign your document
IT: IT Satisfaction Survey
Zoom: [[manager_name]] has sent you a message via Zoom Message Portal
Microsoft: Microsoft account security code
We have seen a lot more business related subjects coming from HR/IT/Managers in recent months. Others involve logins on new devices and password resets. These attacks are effective because they could potentially affect users' daily work, and cause a person to react before thinking logically about the legitimacy of the email.
The top 10 email SUBJECTS globally are:
Google: You were mentioned in a document: "Strategic Plan Draft"
HR: Important: Dress Code Changes
HR: Vacation Policy Update
Adobe Sign: Your Performance Review
Password Check Required Immediately
Acknowledge Your Appraisal
IT: Internet Report
Main points from today's meeting
USAA: Account Suspension
Employee Expense Reimbursement for [[email]]
Finally, this is a ranking of top attack vector types used in KnowBe4 Phishing Security Tests. Integrated Cyber is a partner, licensed reseller, and provider of a full managed service for KnowBe4's cyber training software.
#1 Phishing links in the email body
Unsurprisingly, the #1 vector for the past quarter from KnowBe4's phishing tests and those seen in the wild are phishing links in the email body. When these links are clicked they often lead to disastrous cyberattacks such as ransomware and business email compromise.
The top 5 attack vectors are:
Link Phishing Hyperlink in the Email
Spoofs Domain Appears to Come From the User's Domain
PDF Attachment Email Contains a PDF Attachment
Branded Phishing Test Link Has User's Organizational Logo and Name
Credentials Landing Page Phishing Link Directs User to Data Entry or Login Landing Page
Download the infographic from the Cyber Training & Awareness Page - click here