Computer, phone, and coffee cup on a desk. The computer screen is showing an email alert.

A Breakdown of the Most Common Phishing Email Subject Lines


Print Friendly, PDF & Email

In Q2 2021, KnowBe4 examined thousands of email subject lines from simulated phishing tests and in-the-wild emails. See the full infographic with top messages in each category for the last quarter or read a summary of the results below.

The Top 10 Most Clicked Simulated Email Subject Lines Include:

  1. Password Check Required Immediately
  2. Vacation Policy Update
  3. Important: Dress Code Changes
  4. ACH Payment Receipt
  5. Test of the [[company_name]] Emergency Notification System
  6. Scheduled Server Maintenance — No Internet Access
  7. COVID-19 Remote Work Policy Update
  8. Scanned image from MX2310U@[[domain]]
  9. Security Alert
  10. Failed Delivery

The Top 10 Most Common In-The-Wild Email Subject Lines Include:

  1. Zoom: Important issue
  2. IT: Information Security Policy Review
  3. Mastercard: Confirmation: Your One-Time Password
  4. Facebook: Your account has been temporarily locked
  5. Google: Take action to secure your compromised passwords
  6. Microsoft: Help us protect you – Turn on 2-step verification to protect your account
  7. Docusign: Lucile Green requests you to sign Mandatory Security Training documents
  8. Internship Program
  9. IT: Remote working missing updates
  10. HR: Electric Implementation of new HRIS

Key Takeaways

HR Phishing Clicks are Spiking

There has been a significant rise in phishing email attacks related to HR topics, especially those regarding new policies that would affect all employees. Standard phishing emails include:

  • Reminders to update and check passwords.
  • COVID-19 policy and procedure updates.

LinkedIn Still Draws the Most Social Media Subject Clicks

LinkedIn phishing messages have dominated the social media category for the last three years. Users may perceive these emails as legitimate since LinkedIn is a professional network, which could pose significant problems because many LinkedIn users have their accounts tied to their corporate email addresses. Top-clicked subjects in this category also include Facebook and Twitter notifications, message alerts, and login alerts.

Think Before You Click

These days, it is essential for all end users to take a moment to double-check a link or attachment and to question whether the email is expected or unexpected. Employees are an organization’s last line of defense. They can be the difference between a successful attack and an unsuccessful one with proper security awareness training and testing.

Looking to educate your human firewall? Contact Yeo & Yeo Technology.

Information used in this article was provided by our partners at KnowBe4.

Want To Learn More?

Connect with one of our professionals today.