Pay Attention to These Top-Clicked Phishing Email Subject Lines

How often do you receive spam or junk emails? If you are not cautious about how you share your email address, you might be receiving a ton of them every day. While most of these spam messages are likely to represent promotional content linked to services you might be not interested in at all, some of them could be sent by schemers.

Do you know what phishing emails are? These are misleading messages that are created to make the recipients act in a certain way. For example, they might be pushed to click a link that routes to an unfamiliar website, or click a button that, allegedly, would confirm their password. In most cases, phishing emails are set up to extract personal information. Unfortunately, more and more phishing attacks are discovered, but that also means that we have more knowledge that could help us protect ourselves against them. We even know the top-clicked email subject lines!

What are phishing emails?

If you are not familiar with the term, phishing.org said it best:

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

Basically, using phishing emails, cybercriminals cast a virtual fishing line with bait to trick unsuspecting users into taking it. They might be after your full name, home address, telephone number, social security number, and similar sensitive information, but, in most cases, they are after passwords, usernames, and other login credentials that could help them take over your accounts. Without a doubt, phishing emails need to be taken seriously. In fact, knowbe4.com suggests that 91% of all successful data breaches start with a phishing email. KnowBe4 is a company that provides security training, and it has recently shared the list of the 10 top-clicked email subject lines that people need to be careful about.

10 top-clicked email subject lines (2018 Q4)

According to KnowBe4, these are the top 10 subject lines from the last quarter of 2018 that you need to be vigilant about if you do not want to become a victim of a phishing scam.

• Password Check Required Immediately/Change of Password Required Immediately
• Your Order with Amazon.com/Your Amazon Order Receipt
• Announcement: Change in Holiday Schedule
• Happy Holidays! Have a drink on us.
• Problem with Bank Account
• De-activation of [[email]] in Process
• Wire Department
• Revised Vacation & Sick Time Policy
• Last reminder: please respond immediately
• UPS Label Delivery 1ZBE312TNY00015011

If you discover email messages with these subject lines in your inbox, the only thing you should do is remove them. Opening them is the last thing you should do. Of course, you must understand that virtual schemers are smart, and they know when the time to change things around comes. All in all, this list should give you a pretty good idea of what kinds of subject lines the misleading phishing emails might hide behind. KnowBe4 also listed five categories of phishing emails’ subject lines: deliveries, passwords, company policies, vacation, and IT department. So, for example, if you receive a strange message asking to confirm your password, a delivery date for a parcel, a new policy agreement, flight details, or security-related information, you need to be cautious.

Phishing attacks are not limited to emails

Without a doubt, it is important to understand phishing emails, and information that can give us insight into schemers’ minds is particularly helpful. This is why lists of top-clicked email subject lines are reviewed and shared with the public every quarter. That being said, there are other mediums that cyber attackers can use. For one, there are phishing websites. In fact, it is estimated that 1.4 million phishing websites are created every month, which is a shocking number. You could be routed to these sited via phishing emails, but you could also be routed to them via malicious sites, pop-ups, and random ads. Then we have tech-support scams. Although they are usually used to spread malware or fool unsuspecting users into paying money for bogus services and tools, schemers can also use them to extract personally identifiable and sensitive information.

If you come into contact with anyone asking to share your password, email address, telephone number, credit card information, or any other kind of personal data, you need to remember that phishing attacks are very prevalent these days. Needless to say, the more experience you have with, for example, phishing emails, the easier it is to spot them from a mile away. However, if you are inexperienced, and you do not know if you can unveil scams, remember that you need to be cautious at all times. If you receive an email message that looks completely legitimate, but you are asked to confirm personal information, we suggest calling the company directly to ask them if the email you received is legitimate. Of course, you should only contact companies that you are familiar with and can trust.

What to do if you were scammed?

If you opened phishing emails and clicked on suspicious links, opened suspicious attachments, or did anything else that you are worried about, you need to do a few things. If you have opened files, you must scan your operating system to make sure that malware was not dropped. If you have disclosed personal information, you need to be careful about identity theft and scams. For example, if you disclosed data pertaining to your bank accounts, you should call your bank immediately to seek help. If you have disclosed passwords, it is important that you change them immediately to prevent schemers from taking over. Note that if you use Cyclonis Password Manager, make sure that the browser extension is active so that your passwords would be automatically updated when you change them via the websites.