Phishing Email Subject Lines You Should Know

Even the best employees will encounter situations where they might accidentally put your organization at risk due to a phishing attack. What are some of the telltale signs of a phishing scam and how can you tell when you need to be cautious? The subject lines of phishing emails can be indicative of their threat level. Let’s take a look.

Expel published a report on what the most common subject lines of phishing emails are, and the general consensus was that they all urged the reader to take action of some sort. For employees who are impulsive and don’t think twice about their actions, this can be devastating, and that’s not to mention the businesses who employ them.

The study in question examined 10,000 known malicious emails and found keywords used in phishing emails. Many of them used a sense of urgency to convince the reader that action was necessary. This tactic is nothing new for phishing scams, and considering this language is also used in marketing emails, it’s no wonder that the lines get so blurry with this topic.

Ben Brigida, Director and SOC of Operations at Expel, had this to say regarding the matter: “Attackers are trying to trick people into giving them their credentials. The best way to do this is to make the email look legitimate, prompt one clear action and lace it with emotion – urgency or fear of loss are the most common… The actions are as simple as ‘go to this site’ or ‘open this file,’ but the attacker wants you to be moving too fast to stop and question if it’s legitimate.”

In other words, simple and more direct subjects for phishing emails make for an easier hacking experience. This is reflected in the keywords utilized. You’ll notice that these subject lines also mimic those used by legitimate businesses. Here are three of the most common:

  • RE: INVOICE
  • Missing Inv ####; From [Legitimate Business Name]
  • INV####

Imagine receiving an invoice from a company with the threat of shutting down an important service that your business relies on. You might have so much going on in your business that you don’t even think twice and just assume that you haven’t made the payment. Naturally this is what the hacker is counting on. Take a step back and consult the appropriate resources before making a payment or clicking on a link. Sure, it could be legitimate—many invoicing companies and automated software use similar language—but it could also be a scam.

Other common phishing subject lines include words like “required,” “verification required,” or stem from file sharing, action requirements, or service requests. The tags that often get assigned to emails, like New or Update, don’t exactly help matters.

What are your thoughts on these email phishing subjects? Would you or your employees click on them accidentally? Don’t take any chances with your network security—get in touch with Lantek today.

November 15, 2021
Shawn Kramer