I have written an extensive piece on Social Engineering, which also covers various phishing attacks, and a separate article on the Best Phishing Attack Vector of 2018. This post shows which email subjects top the phishing categories for 2018, in other words, the subject lines that most often get unsuspecting users to interact with phishing emails. At the end I have added a Phishing Quiz made by Google, which tests how good you are at identifying phishing attempts.
an intrigue of mystery that often makes people curious enough to click
Top Social Media Phishing Email Subjects
Pie chart of the email subjects used in phishing attempts; LinkedIn and Facebook seem to be at the top
Top 10 General Phishing Emails Subjects
Social media is not the only theme used in phishing emails; many general topics are used as well. “Password Check Required Immediately” is at the top, accounting for 19% of email subjects, because this subject captures the user's interest and improves the attacker's chances of success.
Common Attacks – In the Wild
The desire to receive communications intended for the individual is strong. The potential of something being wrong and/or at risk also plays into the human psyche, leaving the individual to think that he/she must act immediately to resolve the issue. These types of attacks are effective because they cause a person to react before thinking logically about the legitimacy of the email. Other alerts that contain warning types of messages can bring about feelings of alarm and cause an individual to make a panicked decision.
Data has been compiled by KnowBe4, a security awareness training and simulated phishing platform.
The Phishing Quiz
The question is: can you spot when you’re being phished? You might say ‘obviously’, but it is not always that simple. Unlock the content to take the Phishing Quiz and see how good you are at identifying the malicious attempts.
Once you open the Phishing Quiz page, hit the “Take the Quiz” button, then fill in any imaginary name and email in the form, and the quiz will start.
The Phishing Quiz is built on very clever questions, and you will need to look at each one carefully to tell whether it is a phishing email or a legitimate one.
I am sharing an example email from the quiz below so you may know what you have to expect:
If you look at the question in the image above, everything seems perfect until you hover over the link, which shows “drive–google.com”. That is not a real link; the official link is drive.google.com or google.com/drive. That is how phishing attempts are made.
I scored 7 out of 8; I labelled a legitimate question as phishing. No harm in being overprotective.
How well did you score in the Phishing Quiz? And what's the funniest or weirdest phishing email you have received?