share on
Cybercriminals are constantly refining their strategies to outsmart email recipients by creating phishing email subjects that are realistic and believable.
Would you tend to open or click on an email link if the subject line was "HR: Important: Dress Code Changes"?
Well, it's likely that you and a lot of others would, as HR-related email subject lines have topped a list of phishing tests globally.
In KnowBe4's top-clicked phishing report, titled 2023 Phishing by Industry Benchmarking Report, the following are the most-clicked HR-related email subjects that have piqued interest from the recipients:
- 11% - HR: Important: Dress Code Changes
- 11% - HR: Please update W4 for file
- 10% - HR: Vacation Leave Notice: Plan Your Time Off Now!
- 9% - HR: Vacation Policy Update
- 9% - HR: Your training is past due
That's a total of 50% of the top responses referring to HR-related topics.
As for the other suspicious subject lines, that were not related to HR, they included:
- 15% - Possible typo
- 10% - Adobe Sign: Your Performance Review
- 9% - Google: You were mentioned in a document: "Strategic Plan Draft"
- 8% - You Have A New Voicemail
- 8% - Bad customer review received - Please take action ASAP
As shared in the report: "Cybercriminals are constantly refining their strategies to stay up-to-date with market trends and outsmart end users and organisations by creating phishing email subjects that are realistic and believable. They prey on emotions and aim to cause distress, confusion, panic or even excitement in order to entice someone to click on a phishing link or malicious attachment."
In fact, the findings revealed that nearly one in three users are likely to click on a suspicious link or comply with a fraudulent request.
It was noted that HR-related email subjects tend to be effective because they may cause a person to react before thinking logically about the legitimacy of the email and have the potential to impact an employee's personal life and professional workday.
As such, holiday phishing email subjects have also also utilised this past quarter with four out of the five top holiday email subjects appearing to have come from HR, with "HR: Change in Holiday Schedule" being one of the most common ones.
Stu Sjouwerman, CEO, KnowBe4, commented: "The threat of phishing emails remains as high as ever as cybercriminals continuously tweak their messages to be more sophisticated and seemingly credible. The trend of phishing emails revealed in the Q2 phishing report is especially concerning, as 50% of these emails appear to come from HR – a trusted and crucial department of so many, if not all organisations."
ALSO READ: How to set an acceptable use policy for newbies to prevent cyberattacks
Lead image / KnowBe4
share on
Follow us on Telegram and on Instagram @humanresourcesonline for all the latest HR and manpower news from around the region!
Related topics
