top of page

Top-Clicked Phishing Tests

Phishing works and the 'phishermen' are getting better with baiting their hooks. Your employees are biting. Business phishing emails are the most clicked subject category across the world. These range from messages purporting to be from internal organizational departments, to external requests for information that convey a sense of urgency and entice users to take an action.

Here are the top 10 'in the wild' attacks:

  1. Equipment and Software Update

  2. Mail Notification: You have 5 Encrypted Messages

  3. Amazon: Amazon - delayed shipping

  4. Google: Password Expiration Notice

  5. Action required: Your payment was declined

  6. Wells Fargo: Transfer Completed

  7. DocuSign: Please review and sign your document

  8. IT: IT Satisfaction Survey

  9. Zoom: [[manager_name]] has sent you a message via Zoom Message Portal

  10. Microsoft: Microsoft account security code

We have seen a lot more business related subjects coming from HR/IT/Managers in recent months. Others involve logins on new devices and password resets. These attacks are effective because they could potentially affect users' daily work, and cause a person to react before thinking logically about the legitimacy of the email.

The top 10 email SUBJECTS globally are:

  1. Google: You were mentioned in a document: "Strategic Plan Draft"

  2. HR: Important: Dress Code Changes

  3. HR: Vacation Policy Update

  4. Adobe Sign: Your Performance Review

  5. Password Check Required Immediately

  6. Acknowledge Your Appraisal

  7. IT: Internet Report

  8. Main points from today's meeting

  9. USAA: Account Suspension

  10. Employee Expense Reimbursement for [[email]]

Finally, this is a ranking of top attack vector types used in KnowBe4 Phishing Security Tests. Integrated Cyber is a partner, licensed reseller, and provider of a full managed service for KnowBe4's cyber training software.


#1 Phishing links in the email body


Unsurprisingly, the #1 vector for the past quarter from KnowBe4's phishing tests and those seen in the wild are phishing links in the email body. When these links are clicked they often lead to disastrous cyberattacks such as ransomware and business email compromise.

The top 5 attack vectors are:

  1. Link Phishing Hyperlink in the Email

  2. Spoofs Domain Appears to Come From the User's Domain

  3. PDF Attachment Email Contains a PDF Attachment

  4. Branded Phishing Test Link Has User's Organizational Logo and Name

  5. Credentials Landing Page Phishing Link Directs User to Data Entry or Login Landing Page

Download the infographic from the Cyber Training & Awareness Page - click here


Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page