Top Keywords Used in Phishing Email Subject Lines

Share post:

Cybersecurity company Expel released a report last week identifying the top keywords used in the subject lines of phishing attempts.

Expel explained that employees will have to exercise extreme caution over the seemingly mundane emails they receive.

They further revealed that the top three subject lines in phishing attempts are “RE: INVOICE,” “Missing Inv ####; From [Legitimate Business Name] and “INV####.”

Expel went on to explain that “generic business terminology doesn’t immediately stand out as suspicious and maximizes relevance to the most potential recipients by blending in with legitimate emails, which presents challenges for security technology.”

In addition, subject lines indicating newness are often used in phishing attempts, with examples such as “New Message from ####, “New Scanned Fax Doc-Delivery for ####” and “New FaxTransmission from ####.”

The cybersecurity company further explained that these legitimate messages and notifications often use the term “new” to “raise the recipient’s interest,” adding that “people are drawn to new things in their inbox, wanting to make sure they don’t miss something important.”

Subject lines indicating further action requirements are also common phishing methods, according to Expel, with wording focusing on expiration notifications for emails and passwords, as well as verification requirements.

Other commonly used subject lines of phishing attempts include blank subject lines, file / data sharing language, service and form requests, action requests, and eFax angles.

For more information, view the original story from TechRepublic.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways