Expel examined 10,000 malicious emails to discover the list of the top keywords used in the subject lines of phishing attempts.
While some of the most commonly listed phishing keywords aim to mimic legitimate business invoices, the three most important subject lines are “RE: INVOICE,” “Missing Inv ####; From [Legitimate Business Name] and “INV####.”
Expel also pointed out that subject lines highlighting newness such as “New Message from ####,” “New Scanned Fax Doc-Delivery for ####” and “New FaxTransmission from ####.” are commonly used in phishing attempts, as legal messages and warnings regularly use the term “new” to “raise the recipient’s interest since people are drawn to new things in their inbox.”
Expel also noted: “Keywords that promote action or a sense of urgency are favorites among attackers because they prompt people to click without taking as much time to think. “Required” also targets employees’ sense of responsibility to urge them to quickly take action.”
Other top subject lines in phishing attempts include blank subject lines, language for exchanging files/documents, service and form requests, action requirements and eFax angles.
For more information, read the original story in Tech Republic.