It is Phishing Season

The latest results of KnowBe4's quarterly top-clicked phishing email subjects are in. They report on three different categories: social media related subjects, general subjects, and 'in the wild' attacks.

KnowBe4 describes phishing as the process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity using bulk email which tries to evade spam filters.

top-clicked phishing testsThe Top 10 Most-Clicked General Email Subject Lines Globally for the past quarter include:

  1. Password Check Required Immediately
  2. Vacation Policy Update
  3. Branch/Corporate Reopening Schedule
  4. COVID-19 Awareness
  5. Coronavirus Stimulus Checks
  6. List of Rescheduled Meetings Due to COVID-19
  7. Confidential Information on COVID-19
  8. COVID-19 - Now airborne, Increased community transmission
  9. Fedex Tracking
  10. Your meeting attendees are waiting!

“It’s no surprise that phishers and scammers are using the avalanche of new information and events involving the global coronavirus pandemic as a way to successfully phish more victims,” said Stu Sjouwerman, CEO, KnowBe4. “These phishing scams are becoming more aggressive and more targeted as this pandemic continues. Everyone should remain very skeptical of any email related to COVID-19 coming into their inbox.”

Four Steps to Protect Yourself from Phishing Threats

Your email spam filters may keep many phishing emails out of your inbox. But scammers are always trying to outsmart spam filters, so it’s a good idea to add extra layers of protection. The FTC provides four steps to protect yourself from phishing attacks.

  1. Protect your computer by using security software. Set the software to update automatically so it can deal with any new security threats.
  2. Protect your mobile phone by setting software to update automatically. These updates could give you critical protection against security threats.
  3. Protect your accounts by using multi-factor authentication. Some accounts offer extra security by requiring two or more credentials to log in to your account. This is called multi-factor authentication. It makes it harder for scammers to log in to your accounts if they do get your username and password.
  4. Protect your data by backing it up. Back up your data and make sure those backups aren’t connected to your home network. You can copy your computer files to an external hard drive or cloud storage. Back up the data on your phone, too.

Resource Articles