Phishing Report: More Business-Related Phishing Emails In Circulation
KnowBe4 report on the most clicked phishing emails in Q3 2022.
The findings include the top email topics clicked on in phishing tests. They reflect a shift from personal to business-related email topics, including internal requests and updates from HR, IT and managers.
Research from cloud and email security specialist Avanan shows that nearly 19 percent of phishing emails were bypassed by the Microsoft Defender anti-malware app. This is an important indicator that technology and email filters cannot be used as the only method to protect against malicious emails.
HR topics catch the most
Corporate phishing emails have always been effective and continue to be successful because they can affect a user’s daily work and routine. This quarter’s phishing test results show that 40 percent of email topics are related to human resources. Among users, this evokes a sense of urgency to act quickly, sometimes before thinking logically and taking the time to question the legitimacy of the email. This year’s phishing test also found that phishing links in the body of an email were the most common this quarter. These combined tactics can have destructive consequences for businesses, leading to a variety of cyberattacks such as ransomware and compromise of business emails.
The phishing test for this quarter shows not only a shift toward more business-related emails, but also a move away from using personal emails, such as those from social media. In fact, the Q3 phishing report is the first this year in which social networks or social media sites are not among the top email subject categories.
Graphik: Know4Be4