Story image
Training
KnowBe4
Phishing
Cybersecurity

Phishing emails in Q421 focused on everyday tasks - research

By Shannon Williams, Yesterday

Phishing emails in the last quarter of 2021 were primarily focused on users' everyday tasks, new research has found.

The information was revealed in KnowBe4's Q4 2021 top-clicked phishing report, which the company released this week.

KnowBe4 is a provider of a security and awareness training and simulated phishing platform.

“When comparing the results from the United States phishing emails to those in the rest of the world, email subjects in the United States appear to originate from the users’ organisations and are focused on security alerts related to passwords and internal company policy changes,” says Stu Sjouwerman, chief executive officer at KnowBe4. 

“However, in the rest of the world, the top subjects are related to users’ everyday tasks and the subject lines appear to be more personalised to entice the user to click," he says.

"As expected, we did see some phishing email subjects related to the holidays, especially holiday shopping in particular. Employees should remain ever vigilant when it comes to suspicious email messages in their inboxes because just one wrong click can wreak havoc for an organisation.”  

According to the report, the top 10 email categories globally are:

Business 
Online Services 
Human Resources 
IT 
Banking and Finance 
Coronavirus/COVID-19 Phishing 
Mail Notifications 
Holiday 
Phishing for Sensitive Information 
Social Networking 
Top phishing email subjects were also broken out, comparing those in the United States to those in the rest of the world. In the fourth quarter of 2021, KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. The organisation also reviewed ‘in-the-wild’ email subject lines that show actual emails users received and reported to their IT departments as suspicious. 
The results are below. 

Top phishing email subjects, according to the Q4 2021 top-clicked phishing report:

Rest of the Word:
Accept Invitation - Staff Meeting via Teams 
Employee Portal - Timecard Not Submitted  
Enclosed attachment for your review 
Immediate password verification required  
[[company_name]] Invoice 

The United States:
Password Check Required Immediately 
Important: Dress Code Changes 
Vacation Policy Update 
Important Social Media Policy Change  
Employee Discounts on Amazon for your Holiday Shopping 

Common “In-the-Wild” attacks, according to the report were:

IT: Cloud Enrolment 
Special Project Information  
You Have Some New Messages 
Teams Events 
Microsoft: Private Shared Document Received  

The KnowBe4 platform is used by more than 44,000 organisations around the globe. Founded by IT and data security specialist, Stu Sjouwerman, KnowBe4 helps organisations address the human element of security by raising awareness about ransomware, CEO fraud, and other social engineering tactics through a new-school approach to awareness training on security. 

Kevin Mitnick, an internationally recognised cybersecurity specialist and KnowBe4's chief hacking officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organisations rely on KnowBe4 to mobilise their end users as their last line of defense. 

Related stories
COVID-19 vax most popular topic for phishing attacks in 2021>>
Check Point Research reveals how hackers run token scams and 'Rug Pull' money - and how to avoid them>>
Experts weigh in on how to protect yourself against banking scammers>>
Advantage hires new senior cyber security engineer>>
The aftermath of Log4j - What can be done to protect businesses?>>
Major cryptocurrency losses for SMBs from BlueNoroff threat actor>>
Top stories
Recent stories
Story image
Open Source
The aftermath of Log4j - What can be done to protect businesses?
Last year's Apache Log4j vulnerability created a lot of chaos, so what can be done to protect companies from the security implications?>>
Story image
Cybersecurity
Experts weigh in on how to protect yourself against banking scammers
"Financial wellness is more than spending wisely and having healthy savings levels - it is also about keeping our money safe and not losing it to bad guys.">>
Story image
Microsoft
Microsoft to acquire Activision Blizzard in landmark deal
The merger is set to create further opportunities for Microsoft’s gaming business across mobile, PC, console and cloud while also providing a solid foundation for entry into the metaverse.>>
Story image
Sony
Hands-on review: Sony WF-C500 earbuds
My first impressions of the WF-C500 earbuds were really good. The packaging is very similar to that of the flagship earbuds. The earbuds themselves came with a protective charging case, instructions, warranties, different size ear tips and a USB-C charging cable.>>
Story image
Telstra
Telstra deploys industry-first Ericsson Private 5G for enterprise
The first-ever deployment of Ericsson Private 5G, an on-premise dedicated 5G network for enterprise utilising a single-server 5G dual-mode core, has been announced by Telstra and Ericsson.>>
Story image
Cryptocurrency
2021 a year to remember for blockchain industry - report
Blockchain application research firm Huobi Research Institute has released its Global Blockchain Industry Overview and Trends 2021-2022 Annual Report.>>
Story image
Gaming
Hands-on review: Intel 12th-Gen Core i9-12900K and Core i5-12600K CPU
After what seems like only a few short months since the last iteration, Intel has launched the 12th generation of its desktop CPUs.>>
Story image
Internet of Things
IoT technology set to help provide safer community housing
IoT technology is being utilised by Auckland community housing provider Community of Refuge Trust (CORT) to help 550+ of its tenants receive better, healthier homes.>>
Story image
Gaming
Game review: God of War (PC)
Whereas the previous games across the PlayStation 3 and 4 have followed the Spartan, Kratos, on his tragic journey through Greek mythology, God of War switches proceedings to an interesting deep-dive into Norse mythology.>>
Story image
Cryptocurrency
Check Point Research reveals how hackers run token scams and 'Rug Pull' money - and how to avoid them
Check Point Research has revealed how scammers are altering smart contracts to create fraudulent tokens. They then use methods to "rug pull" money from people with altered smart contracts, leading to money heists.>>
Story image
Contact Centre
Analysis: AI the way of the future for modern contact centres
According to a new analysis from NICE, AI technology is going to be the future of the modern contact centre.>>
Story image
Artificial Intelligence / AI
Meta says it's building the 'fastest supercomputer in the world'
Meta’s AI Research SuperCluster will be used to develop advanced AI in areas such as computer vision, natural language processing and speech recognition.>>
Story image
Social Media
YouTube Shorts a haven for scammers using stolen TikTok videos
Scammers are stealing existing short-form videos from TikTok and reposting them as YouTube Shorts, racking up millions of views and gaining tens of thousands of subscribers, according to new research from Tenable.>>
Story image
Hyperscale
Carbon emissions driving cloud buying decisions - Gartner
Gartner predicts hyperscalers’ carbon emissions will drive cloud purchase decisions by 2025.>>
Story image
Phishing
DHL tops list of companies most impersonated by criminals
Cybercriminals often impersonate brands to gain valuable data, and new research by Check Point Software has found DHL to be the brand most frequently imitated by cybercriminals. >>
Story image
Training
Phishing emails in Q421 focused on everyday tasks - research>>
Story image
DDLS
The skills all aspiring IT professionals need in 2022>>
Story image
Cryptocurrency
Major cryptocurrency losses for SMBs from BlueNoroff threat actor>>
Story image
Shopify
Supply chain woes set to continue in 2022 - Shopify>>
Story image
Remote Working
Zoom's Sydney office pilots 'employee-led' approach to the future of work>>
Story image
Artificial Intelligence / AI
New predictions by Brainly say AI and interactive learning still vital in classrooms of 2022>>
Story image
Employee Experience
Global IT company named best employer in Australia and 16 other countries>>
Story image
Ransomware
Older people targeted by ransomware while young adults fall for TikTok scams>>
Story image
Vodafone
Vodafone, Te Rourou foundation launch emergency grant, match donations for Tonga tsunami recovery>>
Story image
Gaming
Hands-on review: Nanoleaf Lines>>
Story image
Gaming
Hands-on review: EPOS H3 Pro Hybrid gaming headset>>
Story image
Design
Trends that will shape workspace layouts in 2022>>
Story image
Fortinet
Fortinet partners with Telecom Niue to increase network security>>
Story image
Manufacturing
Four industries revolutionised by robots>>
Story image
Firewall
Avast launches a new firewall in latest product updates>>
Story image
Ransomware
Kaspersky lists 5 cyber threats to watch for in 2022>>
Story image
Malware
New Zealanders hit hard by trackers according to new Norton research>>
Story image
Honeywell
Honeywell receives Rainbow Tick for diversity & inclusion in NZ>>
More stories