The security threat landscape is constantly moving and evolving but one thing remains the same, you can have the perfect system but somewhere along the line is a human and unfortunately humans are prone to naivety or in the worst case, stupidity, with that in mind here are the top 5 phishing email subjects which users are still clicking on in 2021.
I have spent over 20 years in the technology industry and I would like to think that I know a scam email when I see it, however lets be honest the scammers are getting good at it and positioned to the right person at the right time they are seeing lots of success.
This is part of the cyber security blog posts targeted to highlight areas that businesses need to address to ensure security & protection of their valuable assets.
Here we talk about the risks caused by the post pandemic return to the office
Ok lets dive in
The growth of ransomware is being driven by the ability of even the most technophobic person to source and deploy a ransomware attack. The tools are available for as little as $200 dollars on the dark web and that is really frightening.
According to the European union agency for cyber security the top 15 cyber security threats are:
Phishing
Malware
Ransomware
Web-based attacks
Spam
Web application attacks
DDoS
Identity theft
Data breach
Insider threat
Botnets
Physical damage & manipulation
Information leakage
Cyber espionage
Crypto jacking
Todays blog we focus on the brothers in arms; phishing & ransomware.
Here is the top 5 clicked phishing email subjects
First place goes to Linkedin
We see that Linkedin continues to dominate the top social media email subjects (47%) that people are falling for with the biggest examples:
You appeared in new searches this week - click here to see your searches
People are looking at your profile - click here to see who
Please add me to your LinkedIn network - click here to connect
Password reset required for LinkedIn
In 2nd place is Facebook
Still hanging around like a bad smell is our friends at Facebook, these email scams have been around for a long time, but they must still be delivering results because they make up 26% of total successful attacks.
Examples:
New sign in to your Facebook from a Samsung Galaxy S4 - if this wasn't you click here
Your friend tagged you in a photo on Facebook - click here to see
Tied in 3rd place is Motorola & Twitter
I would hazard a guess that the Motorola thing is to do with age of the owners, I say this because both my parents who are 68 & 70 have Motorola phones.
Example:
Login alert for Chrome on Motorola Moto X - if this wasn't you click here
As for Twitter, the basic ones are working the best by the looks of it
Someone has sent you a direct message on Twitter - click here to read it
Both Motorola and Twitter cover 10% each
In 5th place is voicemail
This will always be a high performer in the top threats list, here at 7% but simply because we are still driven by the need to be nosey, if someone has left you a message you absolutely want to listen to it as soon as possible.
Example:
New voice message received at 01:25am - click here to listen to the message
Ok thanks for reading so far, I hope you have found this useful ?
Questions
Which of the above do you think your business is most at risk from ?
Do you know who in your business would definitely click on one of the above ?
Summary
Phishing is not a new threat or an overly complex one at that, however the fact that it works and will continue to work in the right situation is a big enough threat that you need to do something about it.
FREE phishing industry benchmarking report
please click here to download a free copy of phishing by industry benchmarking report.
We can help you here (obviously)
FREE 100 user phishing test tool
If your not sure that phishing is a big enough threat to your business then run our free 100 user phishing test tool.
what do you get ?
Free test for up to 100 users (no need to talk to anyone)
Select from 20+ languages and customize the phishing test template based on your environment
Choose the landing page your users see after they click, Show users which red flags they missed, or a 404 page
See how your organisation compares to others in your industry
You will receive a PDF emailed to you within 24 hours with your Phish-prone % and charts to share with management.
No strings just part of our customer value strategy.
To sign up for a free phishing test contact one of our team today on
0114 553 3600
email me daniel.bumby@simoda.co.uk
or complete the following secure form
Once again thanks for reading and here's to helping your staff not ruin your day
Alternatively you can read about the 12 benefits of outsourcing your cyber security operations in a blog written in February of this year
Thanks
Daniel
Comments