Your IT Support Experts - Homepage

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Home

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

(703) 359-9211

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

Macro Systems Blog

Macro Systems has been serving the Metro Washington, DC area since 1997, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

The Most Common Subject Lines for Phishing Attacks

The Most Common Subject Lines for Phishing Attacks

Even the most cautious employee could fall victim to a well-placed phishing email. What are some factors that contribute to the success of these cyberattacks, and what subject lines in particular should people be cautious about? A recent study takes a look at what goes into a successful phishing attack, and you might be surprised by the results.

Expel published a report revealing the most common subject lines used in phishing emails, all of which encourage the reader to take some sort of action. This is worrying, especially for employees who don’t typically tend to think twice before downloading an attachment or clicking on a link.

Expel looked at 10,000 known malicious emails and put together a list of keywords used in phishing emails. The fact that most of them have a sense of urgency should come as no surprise, as this tactic has been used in phishing attacks since their inception. Additionally, this is a tactic also utilized in marketing emails, so hackers can blur the lines a bit and create uncertainty in this way.

Ben Brigida, Director and SOC of Operations at Expel, had this to say regarding the matter: "Attackers are trying to trick people into giving them their credentials. The best way to do this is to make the email look legitimate, prompt one clear action and lace it with emotion - urgency or fear of loss are the most common… The actions are as simple as 'go to this site' or 'open this file,' but the attacker wants you to be moving too fast to stop and question if it's legitimate.”

Essentially, the simpler and more direct the phishing email is, the easier time a hacker has in pulling it off. This idea is reflected in the keywords. You might notice that not only are they simple, but they also mimic emails sent from legitimate businesses. Here are three of the most common ones:

  • RE: INVOICE
  • Missing Inv ####; From [Legitimate Business Name]
  • INV####

These subject lines tap into the fear that one might have of missing a payment, something which can be problematic for a small business that relies on goods or services to stay operational. Rather than take a step back and question these messages, users will simply make the payment. Plus, when you consider the sheer amount of invoices or messages sent out by automatic systems, this type of language is not necessarily a red flag.

Some other common phishing subject lines might include the words “required,” “verification required,” file sharing, action requirements, or service requests. The tags that sometimes get assigned to emails in inboxes also don’t help, as employees might see the word “new” next to a message and impulsively click on it.

If you want to take your network security seriously and stop phishing emails in their tracks, Macro Systems can help. To learn more, reach out to us at 703-359-9211.

Headphone Cleaning Tips
Common Misconceptions about Technology in the Work...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Tuesday, December 03, 2024

Captcha Image

Customer Login


Contact Us

Learn more about what Macro Systems can do for your business.

(703) 359-9211

Macro Systems
3867 Plaza Drive
Fairfax, Virginia 22030