
HR-Related Subjects Represent Half of Malicious Emails Clicked



KnowBe4’s latest reports on top-clicked phishing email subjects have been released for Q2 2023. This last quarter’s results reflect the popularity of HR-related email subjects such as vacation policy notifications, dress code changes, and past-due training alerts that can affect end users’ daily work.

“The threat of phishing emails remains as high as ever as cybercriminals continuously tweak their messages to be more sophisticated and seemingly credible,” said Stu Sjouwerman, CEO, KnowBe4. “The trend of phishing emails revealed in the Q2 phishing report is especially concerning, as 50% of these emails appear to come from HR – a trusted and crucial department of many, if not all, organizations. These disguised emails take advantage of employee trust and typically incite action that can result in disastrous outcomes for the entire organization. New-school security awareness training for employees is crucial to help combat phishing and malicious emails by educating users on the most common cyberattacks and threats. An educated workforce is an organization’s best defense and is essential to fostering and maintaining a strong security culture.”

Each quarter, KnowBe4 examines ‘in-the-wild’ email subject lines, taken from real emails that users received and reported to their IT departments as suspicious. In addition to HR subjects, KnowBe4 reviews important-looking messages dealing with purchases and financial institutions, as well as IT and online service notifications:

Common ‘In-The-Wild’ Emails for Q2 2023:

  • HR: Staff Rewards Program
  • Someone is trying to send you money
  • IT: Important Email Upgrades
  • ALERT – Mail Redirect Triggered
  • Amazon: Action Needed: Purchase Attempt
  • Microsoft 365: [[display_name]], MFA Security Review is Required
  • A fax has arrived
  • Google: [[manager_name]] invited you to join Google Chat Group
  • Metamask Wallet Update
  • Chase: Confirm Your Card Possession

Unsurprisingly, phishing links in the email body are consistently the #1 attack vector we see every quarter. When these links are clicked, they often lead to disastrous cyberattacks such as ransomware and business email compromise. Other top attack vectors are as follows:

Top 5 Attack Vector Types

  1. Link – Phishing Hyperlink in the Email
  2. Spoofs Domain – Appears to Come from the User’s Domain
  3. PDF Attachment – Email Contains a PDF Attachment
  4. HTML Attachment – Email Contains an HTML Attachment
  5. Branded – Phishing Test Link Has User’s Organizational Logo and Name

Yeo & Yeo Technology can help train your employees to identify malicious emails with our security awareness training and testing. Looking to educate your human firewall? Contact us today.

*Capitalization and spelling are as they were in the phishing test subject line.
**Email subject lines combine both simulated phishing templates created by KnowBe4 for clients and custom tests designed by KnowBe4 customers.

Information used in this article was provided by our partners at KnowBe4.
