Top 10 Phishing Email Subject Lines: Q3 2022


Each quarter, KnowBe4 - the world’s largest security awareness training and simulated phishing platform - publishes the top-clicked phishing emails by subject lines. The results come from their millions of users reporting real phishing emails. The subjects are categorized into two different categories: those related to social media, general subjects, and 'In the Wild'.

The first category contains email subjects created by KnowBe4 to test their clients’ security posture. ‘In the Wild’ attacks refer to those email subjects that were real phishing emails and not KnowBe4 templates. Vectors are the methods used in the phishing attack.

Top 5 Most-Clicked General Email Subjects Globally in Q3 2022: 

1. HR: Vacation Policy Update

2. IT: Internet Report

3. Password Check Required Immediately

4. HR: Please update W4 for file

5. Weekly Performance Report

Most Common 'In the Wild' Emails in Q3 2022:

1. Equipment and Software Update

2. IT: IT Satisfaction Survey

3. Amazon: Amazon - delayed shipping

4. Google: Password Expiration Notice

5. Zoom: [[manager_name]] has sent you a message via Zoom Message Portal

Top Attack Vectors in Q3 2022:

1. Link - Phishing Hyperlink in the Email

2. Spoofs Domain - Appears to Come From the User's Domain

3. PDF Attachment - Email Contains a PDF Attachment

4. Branded - Phishing Test Link Has User's Organizational Logo and Name

5. Credentials Landing Page - Phishing Link Directs User to Data Entry or Login Landing Page

Key Takeaways

Most emails are related to business or mention HR in the title.

According to phishing tests and observations, the number one vector for cyberattacks is clicking on links in email bodies. These often lead to horrendous attacks such as ransomware and business email compromise.

Recently, there has been an increasing number of business-related scams being sent from HR/IT/Managers. These scams are successful because they play on users' emotions and initial reactions before the person has time to think logically about whether or not the email is legitimate.

Emails pretending to be from businesses were the most clicked subject category worldwide. They can come as messages supposedly from internal departments of an organization or external requests that seem urgent and entice users into taking some kind of action.

See KnowBe4’s original post.


PCS is a world-class leader in protecting data & identity for businesses and non-profits. We provide a critical service to businesses and non-profits by managing cybersecurity risks, including ransomware, crypto walkers, phishing emails, and other evolving cyber crimes. See how IT services can benefit your company.
