Q4 2020 KnowBe4 finds work from home-related phishing email attacks on the rise

 In its Q4 2020 top-clicked phishing report, KnowBe4,  revealed that work-related email subjects such as corporate policy changes are becoming more popular with the Coronavirus pandemic continuing to keep more people working from home. Covering the entire fourth quarter, real phishing emails that were reported to IT departments related to working from home are on the rise. Social media messages are another area of concern when it comes to phishing, and LinkedIn phishing messages dominate as the top social media email subject to watch out for, holding the number one spot at 47%.

“It’s no surprise that phishing attacks related to working from home are increasing given that many countries around the world have seen their employees working from home offices for nearly a year now,” said Stu Sjouwerman, CEO, KnowBe4. “Just because employees may be more used to their home office environment doesn’t mean that they can let their guard down. The bad guys deploy manipulative attacks intended to strike certain emotions to cause end users to skip critical thinking and go straight for that detrimental click.”

In Q4 2020, KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. The organization also reviewed ‘in-the-wild’ email subject lines that show actual emails users received and reported to their IT departments as suspicious. The results are below.

Top 10 General Email Subjects:

  • Password Check Required Immediately
  • Touch base on meeting next week
  • Vacation Policy Update
  • COVID-19 Remote Work Policy Update
  • Important: Dress Code Changes
  • Scheduled Server Maintenance — No Internet Access
  • De-activation of [[email]] in process
  • Please review the leave law requirements
  • You have been added to a team in Microsoft Teams
  • Company Policy Notification: COVID-19 – Test & Trace Guidelines

*Capitalisation and spelling are as they were in the phishing test subject line.

**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.

When investigating ‘in-the-wild’ email subject lines, KnowBe4 found the most common throughout Q4 2020 included:

  • IT: Annual Asset Inventory
  • Changes to your health benefits
  • Twitter: Security alert: new or unusual Twitter login
  • Amazon: Action Required | Your Amazon Prime Membership has been declined
  • Zoom: Scheduled Meeting Error
  • Google Pay: Payment sent
  • Stimulus Cancellation Request Approved
  • Microsoft 365: Action needed: update the address for your Xbox Game Pass for Console subscription
  • RingCentral is coming!
  • Workday: Reminder: Important Security Upgrade Required

*Capitalisation and spelling are as they were in the phishing test subject line.

**In-the-wild email subject lines represent actual emails users received and reported to their IT departments as suspicious. They are not simulated phishing test emails.

Read the latest edition of PCR’s monthly magazine below:

Like this content? Sign up for the free PCR Daily Digest email service to get the latest tech news straight to your inbox. You can also follow PCR on Twitter and Facebook.

Check Also

Comms365 awarded funding as part of ChargePlace Scotland’s low carbon transport challenge

Comms365 Limited has been announced as a winner of the first phase of the Low Carbon …