top of page
Writer's pictureDaniel Bumby

Top 5 phishing email subjects which users are still clicking on in 2021

The security threat landscape is constantly moving and evolving but one thing remains the same, you can have the perfect system but somewhere along the line is a human and unfortunately humans are prone to naivety or in the worst case, stupidity, with that in mind here are the top 5 phishing email subjects which users are still clicking on in 2021.


I have spent over 20 years in the technology industry and I would like to think that I know a scam email when I see it, however lets be honest the scammers are getting good at it and positioned to the right person at the right time they are seeing lots of success.


This is part of the cyber security blog posts targeted to highlight areas that businesses need to address to ensure security & protection of their valuable assets.


Here we talk about the risks caused by the post pandemic return to the office







Ok lets dive in


The growth of ransomware is being driven by the ability of even the most technophobic person to source and deploy a ransomware attack. The tools are available for as little as $200 dollars on the dark web and that is really frightening.


According to the European union agency for cyber security the top 15 cyber security threats are:


  1. Phishing

  2. Malware

  3. Ransomware

  4. Web-based attacks

  5. Spam

  6. Web application attacks

  7. DDoS

  8. Identity theft

  9. Data breach

  10. Insider threat

  11. Botnets

  12. Physical damage & manipulation

  13. Information leakage

  14. Cyber espionage

  15. Crypto jacking


Some great topics on the enisa website


Todays blog we focus on the brothers in arms; phishing & ransomware.


Here is the top 5 clicked phishing email subjects


First place goes to Linkedin


We see that Linkedin continues to dominate the top social media email subjects (47%) that people are falling for with the biggest examples:


  • You appeared in new searches this week - click here to see your searches

  • People are looking at your profile - click here to see who

  • Please add me to your LinkedIn network - click here to connect

  • Password reset required for LinkedIn





In 2nd place is Facebook


Still hanging around like a bad smell is our friends at Facebook, these email scams have been around for a long time, but they must still be delivering results because they make up 26% of total successful attacks.


Examples:


  • New sign in to your Facebook from a Samsung Galaxy S4 - if this wasn't you click here

  • Your friend tagged you in a photo on Facebook - click here to see





Tied in 3rd place is Motorola & Twitter


I would hazard a guess that the Motorola thing is to do with age of the owners, I say this because both my parents who are 68 & 70 have Motorola phones.


Example:


  • Login alert for Chrome on Motorola Moto X - if this wasn't you click here


As for Twitter, the basic ones are working the best by the looks of it


  • Someone has sent you a direct message on Twitter - click here to read it


Both Motorola and Twitter cover 10% each





In 5th place is voicemail


This will always be a high performer in the top threats list, here at 7% but simply because we are still driven by the need to be nosey, if someone has left you a message you absolutely want to listen to it as soon as possible.


Example:


  • New voice message received at 01:25am - click here to listen to the message




Ok thanks for reading so far, I hope you have found this useful ?


Questions


Which of the above do you think your business is most at risk from ?


Do you know who in your business would definitely click on one of the above ?


Summary


Phishing is not a new threat or an overly complex one at that, however the fact that it works and will continue to work in the right situation is a big enough threat that you need to do something about it.


FREE phishing industry benchmarking report


please click here to download a free copy of phishing by industry benchmarking report.





We can help you here (obviously)


FREE 100 user phishing test tool


If your not sure that phishing is a big enough threat to your business then run our free 100 user phishing test tool.





what do you get ?

  • Free test for up to 100 users (no need to talk to anyone)

  • Select from 20+ languages and customize the phishing test template based on your environment

  • Choose the landing page your users see after they click, Show users which red flags they missed, or a 404 page

  • See how your organisation compares to others in your industry


You will receive a PDF emailed to you within 24 hours with your Phish-prone % and charts to share with management.


No strings just part of our customer value strategy.


To sign up for a free phishing test contact one of our team today on


0114 553 3600



or complete the following secure form



Once again thanks for reading and here's to helping your staff not ruin your day


Alternatively you can read about the 12 benefits of outsourcing your cyber security operations in a blog written in February of this year






Thanks


Daniel

Comments


bottom of page