Top Keywords Used in Phishing Email Subject Lines

Share post:

Cybersecurity company Expel released a report last week identifying the top keywords used in the subject lines of phishing attempts.

Expel explained that employees will have to exercise extreme caution over the seemingly mundane emails they receive.

They further revealed that the top three subject lines in phishing attempts are “RE: INVOICE,” “Missing Inv ####; From [Legitimate Business Name] and “INV####.”

Expel went on to explain that “generic business terminology doesn’t immediately stand out as suspicious and maximizes relevance to the most potential recipients by blending in with legitimate emails, which presents challenges for security technology.”

In addition, subject lines indicating newness are often used in phishing attempts, with examples such as “New Message from ####, “New Scanned Fax Doc-Delivery for ####” and “New FaxTransmission from ####.”

The cybersecurity company further explained that these legitimate messages and notifications often use the term “new” to “raise the recipient’s interest,” adding that “people are drawn to new things in their inbox, wanting to make sure they don’t miss something important.”

Subject lines indicating further action requirements are also common phishing methods, according to Expel, with wording focusing on expiration notifications for emails and passwords, as well as verification requirements.

Other commonly used subject lines of phishing attempts include blank subject lines, file / data sharing language, service and form requests, action requests, and eFax angles.

For more information, view the original story from TechRepublic.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Cyber Security Today, May 22, 2024 – LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more

LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more. Welcome to Cyber Security...

Google criticizes Microsoft’s security practices in new report

Google has publicly criticized Microsoft for a series of security missteps, suggesting that organizations might consider more secure...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways