KnowBe4 Releases the Top-Clicked Phishing Emails For Q1 2020
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, recently revealed the results of its Q1 2020 top-clicked phishing report. The report shows the phishing email subject lines that were most commonly clicked on during the first quarter of 2020 and is based on tens of thousands of email subject lines examined from simulated phishing tests and “in-the-wild” attacks.
The results showed that phishing email attacks related to COVID-19 were up 600% in Q1 2020. A coronavirus-related message was the second most-clicked phishing email (10%), and emails with an urgent request to check passwords immediately were the most popular throughout the entire quarter (45%). The report also showed that social media email subject lines claiming new login alerts, password resets, and unauthorized account access are increasingly clicked by unsuspecting recipients.
Based on the results of the simulated phishing tests, KnowBe4 released the top 10 general email subjects that were clicked during Q1 2020:
- CDC Health Alert Network: Coronavirus Outbreak Cases
- PTO Policy Changes
- Scheduled Sever Maintenance – No Internet Access
- Test of the [[company_name]] Emergency Notification System
- Revised Vacation & Sick Time Policy
- De-activation of [[email]] in Process
- Please Read Important from Human Resources
- Someone special sent you a Valentine’s Day ecard!
- You have been added to a team in Microsoft Teams
KnowBe4 also released the most common subject lines from “in-the-wild” attacks that users received and then reported as suspicious:
- List of Rescheduled Meetings Due to COVID-19
- SharePoint: Coronavirus (COVID-19) Tax Cut Document
- Confidential Information on COVID-19
- IT: Work from home – VPN connection
- Comcast: Notification from Carl Vargas
- Microsoft: Your meeting will begin soon
- HR: New Employee Stock Purchase Plan
- Vodafone: Caller Alert: Msg Received Today
- Amazon Chime: Vonage invites you to join vonage_303136
- Parking Authority: Parking Ticket: Pay Charge
Unsurprisingly, many of the top subjects in both the simulated phishing tests and the “in-the-wild” attacks were COVID-19 or work-related. Cybercriminals are notorious for taking advantage of current events to lure in unsuspecting victims, and these lists demonstrate some of the methods that may be used by attackers to trick victims into clicking on a malicious email.
The image below from the KnowBe4 report summarizes the most common phishing email subjects during the first quarter of 2020.