Welcome
About
News
Anonymous Reporting
Tools
MCA Chatter
Library
V-ID Terminal
Support
My Account

News

Icon representing US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels
US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels

June 21st 2019
Icon representing Would you pay $1m for a laptop full of malware?
Would you pay $1m for a laptop full of malware?

May 23rd 2019
Icon representing Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)
Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)

May 22nd 2019
 
 
 

Data Breach Notification Most Clicked Subject in Phishing Tests

 
October 11th 2017
By Dan Raywood 

The most common subject line to get an employee’s attention and act to click relates to data breaches.

According to the top 10 global phishing email subject lines for Q3 2017 by KnowBe4, examining email subject lines from simulated phishing tests, the most clicked was ‘Official Data Breach Notification’ followed by common tactics such as fake delivery notes and workplace issues, including password expiry advisories, account updates and information claiming to be from HR.

“Phishing attacks are responsible for more than 90% of successful cyber-attacks and the level of sophistication hackers are now using makes it nearly impossible for a piece of technology to keep an organization protected against social engineering threats,” said Perry Carpenter, chief evangelist and strategy officer of KnowBe4.

Speaking to Infosecurity, Carpenter said that although companies spend $100,000s on security technology it only takes one malicious person to get in and cause a breach. He explained that security training remains key as often the main cause of data breaches is phishing, and if you improve behavior it can reduce the attack surface.

“We see urgency and fear of a breach as the drivers,” he said. “We have over 1400 templates and a concentration of themes so we know what is highly effective.”

Speaking on data breach notification accounting for 14% of the most clicked subject lines in phishing simulations, Carpenter added that getting a personalized email will capture the recipient’s interest and with the amount of reported data breaches, users will be expecting emails such as that.

“Phishing attacks are smart, personalized and timed to match topical news cycles. Businesses have a responsibility to their employees, their shareholders and their clients to prevent phishing schemes.”

Source