Uncover the secrets behind email phishing’s ongoing profitability, revealed through KnowBe4’s latest report.
Despite the fact that email phishing has been a problem for people and businesses for more than a decade, how do con artists keep making money? The top email subjects clicked on were revealed in KnowBe4’s most recent phishing test report, which is a security awareness training and simulated phishing platform provider.
According to the KnowBe4 2023 Phishing by Industry Benchmarking Report, 33.1% of users are likely to click on a questionable link or cooperate with a phony email request.
Phishing emails continue to be one of the most popular ways to successfully carry out destructive attacks on organizations all across the world, according to the security awareness company. Cybercriminals regularly hone their tactics to remain abreast of market trends and outwit end users and organizations by coming up with plausible and realistic phishing email subjects.
In order to get someone to click on a phishing link or harmful attachment, fraudsters frequently play on emotions and work to create anxiety, bewilderment, panic, or even excitement.
With the growing practice of hackers employing email subjects from HR pertaining to dress code modifications, training announcements, vacation updates, and more, phishing techniques are evolving. These are efficient because they may prompt an employee to react before critically evaluating the email’s validity and have the ability to affect both their personal and professional lives.
This quarter, fraudsters also used holiday-themed phishing email subjects, with four of the top five holiday email subjects purporting to be from HR. Holiday festivities, timetable changes, and incentives mentioning national holidays like “Juneteenth” and “the Fourth of July” were employed as lures for unwary end users. The research also highlights the ongoing practice of using IT and online service notifications, along with tax-related email subjects.
“An organization’s best defense is a workforce that is educated”
Stu Sjouwerman, CEO of KnowBe4, provided additional explanation for the report’s conclusions: “As long as thieves continue to improve their messages to make them more sophisticated and convincing-looking, the threat of phishing emails will never go away.
“The trend of phishing emails reported in the Q2 phishing report is particularly worrying, as 50% of these emails appear to come from HR – a trusted and important department of so many, if not all, organizations.
“These spoofed emails prey on employee trust and frequently spur behavior that can have severe effects on the entire organization.
By educating users on the most frequent cyberattacks and dangers, new-school security awareness training for employees is essential to thwart phishing and fraudulent emails. The best defense for a company is a well-educated personnel, which is crucial for developing and sustaining a strong security culture.
