Contact us today!
(954) 575-3992
facebook linkedin Business Solutions & Software Group RSS Feed

Michael DeMarco

Business Solutions & Software Group has been serving the Coral Springs area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

What the Top Subject Lines for Phishing Emails Say About These Threats

What the Top Subject Lines for Phishing Emails Say About These Threats

Phishing emails have been around for quite some time, and for their entire existence they have gotten the better of even the most seasoned employees. What exactly contributes to their success? What kinds of subject lines go into creating a phishing email that users find to be convincing enough to actually want to click on and follow through on? Let’s take a look at a recent study that might glean some insights into this.

The folks over at Expel have issued a report revealing the most common subject lines used in phishing emails. The subject lines in question are particularly concerning, as they prompt action from the reader, meaning that users must be extremely careful to not accidentally download the wrong attachment or click on the wrong link for more information on the email.

The list of keywords they found to be most common in phishing emails were gathered from a list of 10,000 known malicious emails, with the primary theme amongst them being to instill some sense of urgency and create a reason for the user to act (an unsurprisingly similar tactic that is commonly seen in marketing emails as well).

Ben Brigida, Director and SOC of Operations at Expel, had this to say regarding the matter: "Attackers are trying to trick people into giving them their credentials. The best way to do this is to make the email look legitimate, prompt one clear action and lace it with emotion - urgency or fear of loss are the most common… The actions are as simple as 'go to this site' or 'open this file,' but the attacker wants you to be moving too fast to stop and question if it's legitimate.”

In other words, the simpler and more direct the phishing email, the better and more effective it is.

This is reflected in the keywords, many of which are designed to mimic emails sent from legitimate businesses. See below for three of the most common offenders:

  • RE: INVOICE
  • Missing Inv ####; From [Legitimate Business Name]
  • INV####

Since the fear of missing a payment can mean many things—especially for small businesses that rely on said services in order to function—many users don’t even question these emails and will, instead, willingly click on links or download files from these types of messages to see what they have missed. And, considering how many of these types of messages might be sent out from automated systems, the use of generic terminology is not necessarily indicative of an immediate security threat.

Other examples of common phishing subject lines include words like “required,” as well as topics such as verification, file or document sharing, action requirements, and service requests. Furthermore, the flags assigned to emails when they come into your inbox, like the “new” label that appears in certain email clients, can trigger employees to impulsively click on messages without first looking at who the sender is. 

Don’t let phishing emails get the better of you; give Business Solutions & Software Group a call at (954) 575-3992 and learn more about how you can secure your systems and train your employees to identify and respond to these types of messages.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 21 November 2024
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Latest News

Our Site Has Launched!

flag

Welcome to Our New Site!
We are proud to announce the unveiling of our new website at Business Solutions & Software Group!

Read more...

Contact Us

Learn more about what Business Solutions & Software Group can do for your business.

callphone

Call us today    (954) 575-3992

10211 W Sample Road
Suite 114
Coral Springs, Florida 33065

facebook linkedin #