TAMPA BAY, Fla., Oct. 28, 2021 /PRNewswire/ -- KnowBe4, the
provider of the world's largest security awareness training and
simulated phishing platform, today announced the results of its Q3
top-clicked phishing report.
"Social engineering attacks continue to be one of the top ways
malicious hackers breach organizations and/or cause damage," said
Stu Sjouwerman, CEO, KnowBe4. "We
are seeing a continued increase in phishing, including more use of
common HR types of communications and less reliance on obvious
social media phishing campaigns. By equipping security
professionals with more data on likely tactics and templates used
by cybercriminals executing phishing attacks, infosec professionals
can strengthen their human firewall. Now more than ever, end users
need to remain vigilant and remember to stop and think before they
click."
Top 10 Email Categories Globally:
1. Business
2. Online Services
3. Human Resources
4. IT
5. Banking and Finance
6. Coronavirus/COVID-19
Phishing
7. Mail Notifications
8. Phishing for Sensitive
Information
9. Social Networking
10. Brand Knockoffs
Top phishing email subjects were also broken out, comparing
those in the U.S. to those in Europe, the Middle
East and Africa (EMEA). In
Q3 2021, KnowBe4 examined tens of thousands of email subject lines
from simulated phishing tests. In the U.S., most of the email
subjects appear to originate from the users' organization. However,
in EMEA, the top subjects are related to users' everyday tasks. The
organization also reviewed 'in-the-wild' email subject lines that
show actual emails users received and reported to their IT
departments as suspicious. The results are below.
Top Phishing Email Subjects:
The U.S.
1. Vacation Policy Update
2. Password Check Required
Immediately
3. Important: Dress Code
Changes
4. Acknowledge Your
Appraisal
5. Remote Working Satisfaction
Survey
EMEA
1. Your Document is Complete -
Save Copy
2. Stefani has endorsed
you!
3. You have requested a reset
to your LinkedIn password
4. Windows 10 Upgrade Error
5. Internet Capacity
Warning
*Capitalization and spelling are as they were in the phishing
test subject line.
**Email subject lines are a combination of both simulated
phishing templates created by KnowBe4 for clients, and custom tests
designed by KnowBe4 customers.
Common "In-the-Wild" attacks:
- IT: Odd emails from your account
- IT: Upcoming Changes
- HR: Remote Working Satisfaction Survey
- Facebook: Your Facebook access has been temporarily
disabled for identity check
- Twitter: Potential Twitter Account Compromise
*Capitalization and spelling are as they were in the phishing
test subject line.
**In-the-wild email subject lines represent actual emails users
received and reported to their IT departments as suspicious. They
are not simulated phishing test emails.
For more information on KnowBe4, visit
www.knowbe4.com.
About KnowBe4
KnowBe4, the provider of the world's
largest security awareness training and simulated phishing
platform, is used by more than 41,000 organizations around the
globe. Founded by IT and data security specialist, Stu Sjouwerman, KnowBe4 helps organizations
address the human element of security by raising awareness about
ransomware, CEO fraud, and other social engineering tactics through
a new-school approach to awareness training on security.
Kevin Mitnick, an internationally
recognized cybersecurity specialist and KnowBe4's Chief Hacking
Officer, helped design the KnowBe4 training based on his
well-documented social engineering tactics. Tens of thousands of
organizations rely on KnowBe4 to mobilize their end users as their
last line of defense.
Media Contact
Amanda Tarantino
Public Relations Officer
KnowBe4
amandat@knowbe4.com
View original content to download
multimedia:https://www.prnewswire.com/news-releases/knowbe4-finds-increasingly-dangerous-attacks-in-phishing-emails-with-business-it-and-hr-focus-301410791.html
SOURCE KnowBe4