Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 26 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Security and HR phishing scams are luring employees, KnowBe4 report finds

Significant rise in phishing email attacks related to HR topics and security policy changes in particular

by Guru Writer
July 14, 2021
in Editor's News, Featured, News
security awareness
Share on FacebookShare on Twitter

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, has revealed the results of its Q2 2021 top-clicked phishing report.

There has been a significant rise in phishing email attacks related to HR topics, particularly regarding new policies that would affect all employees throughout organisations. Real phishing emails that were reported to IT departments related to security-minded users about password checks continue to remain popular. One subject area that has dropped off dramatically includes messages related to COVID-19. End users have become more savvy about scams related to that topic. Social media messages are another area of concern when it comes to phishing, and LinkedIn phishing messages dominate as the top social media email subject to watch out for, holding the number one spot at 41%.

“With more employees returning to the office, they are concerned about new policies that affect their everyday situations at work, which is why we are seeing a rise in these types of phishing attacks” said Stu Sjouwerman, CEO, KnowBe4. “These days, it is especially important for all end users to take a moment to double check a link or attachment and to question whether the email is expected or unexpected. Employees are truly an organisation’s last line of defence. They can be the difference between a successful attack and an unsuccessful one with proper security awareness training and testing.”

In Q2 2021, KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. The organisation also reviewed ‘in-the-wild’ email subject lines that show actual emails users received and reported to their IT departments as suspicious. The results are below.

Top 10 General Email Subjects:

-Password Check Required Immediately
-Vacation Policy Update
-Important: Dress Code Changes
-ACH Payment Receipt
-Test of the [[company_name]] Emergency Notification System
-Scheduled Server Maintenance — No Internet Access
-COVID-19 Remote Work Policy Update
-Scanned image from MX2310U@[[domain]]
-Security Alert
-Failed Delivery

*Capitalisation and spelling are as they were in the phishing test subject line.

**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.

When investigating ‘in-the-wild’ email subject lines, KnowBe4 found the most common throughout Q1 2021 included:

-Zoom: Important issue
-IT: Information Security Policy Review
-Mastercard: Confirmation: Your One-Time Password
-Facebook: Your account has been temporarily locked
-Google: Take action to secure your compromised passwords
-Microsoft: Help us protect you – Turn on 2-step verification to protect your account
-Docusign: Lucile Green requests you to sign Mandatory Security Training documents
-Internship Program
-IT: Remote working missing updates
-HR: Electronic Implementation of new HRIS

*Capitalisation and spelling are as they were in the phishing test subject line.

**In-the-wild email subject lines represent actual emails users received and reported to their IT departments as suspicious. They are not simulated phishing test emails.

For more information on KnowBe4, visit www.knowbe4.com.

 

KnowBe4’s world-class summit is coming to EMEA on the 23rd of September 2021! This fully virtual, highly engaging, cybersecurity-focused event is designed for CISOs, security awareness training program administrators and InfoSec professionals, with talks covering the future of workplace security to bolstering an organisation’s security culture. Don’t miss out, and register today: https://www.knowbe4events.com/kb4-con-emea/home

FacebookTweetLinkedIn
ShareTweet
Previous Post

Outpost24 acquires threat intelligence provider Blueliv

Next Post

OneLogin Eases Adoption of Zero Trust Framework with Delegated Administration

Recent News

Adarma Names James Todd as Chief Technology Officer, Reinforcing Dedication to Security Operations Excellence

Adarma Names James Todd as Chief Technology Officer, Reinforcing Dedication to Security Operations Excellence

September 25, 2023
Nurturing Our Cyber Talent

Nurturing Our Cyber Talent

September 25, 2023
The Journey to Secure Access Service Edge (SASE)

The Journey to Secure Access Service Edge (SASE)

September 22, 2023
WatchGuard

WatchGuard acquires CyGlass for AI-powered network anomaly detection

September 21, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information