What are the Most Connected Phishing Electronic mails?

May 4, 2018


KnowBe4 has issued a three-monthly report that discloses the most clicked phishing electronic mails in Q1, 2018 – The electronic mails that are proving to be the most effective at deceiving workers into clicking hyperlinks and opening possibly hateful electronic mail attachments.

The information from the report came from replies to phishing simulation electronic mails sent through its training platform. The simulated phishing electronic mails mirror messages seen in real-world attacks but are transmitted in a safe setting where clicks don’t lead to the fixing of malware or the disclosure of confidential information.

The report has been issued at a suitable time. April has seen many alerts issued over phishing attacks. The U.S. Department of Health and Human Services has alerted healthcare companies in the United States to be on high alert because a “tidal wave” of phishing electronic mails is anticipated.

There have also been numerous major data breaches informed by healthcare companies that have happened as a consequence of workers opening hateful messages. A study from Verizon, circulated in April, also demonstrates that 98% of social engineering attacks and data breaches happened due to phishing electronic mails.

The reason for the high volume of phishing electronic mails is straightforward. They work. Scammers and hackers know all too well that targeting workers with phishing electronic mails is much simpler than attempting to find chinks in companies’ technological armor and the track of least opposition is taken.

For the statement, KnowBe4 studied tens of thousands of phishing electronic mail subject lines to decide which were proving to be the most effective. Additionally, an analysis was carried out on electronic mail subject lines that had been seen in real-world phishing attacks. So, what were the most connected phishing electronic mails?

Most Connected Phishing Electronic mails in Q1, 2018

The list below contains some changes from earlier reports, even though similar subject lines are being used again and again because they are still proving to be effective at provoking a click.

The two most effective phishing electronic mails in Q1, 2018 were:

  1. Subject: A Delivery Attempt Was Made
  2. Subject: Alteration of Password Needed Instantly


21% of end users replied to the first and 20% to the second.

Maybe obviously as it is tax time, a phishing electronic mail subject line related to tax made third place. In the U.S, a W-2 Form is a synopsis of salary, wages, and tax information for workers, detailing the tax that has been withheld from paychecks. This form is required in order for a tax return to be filed. The electronic mail was opened by 13% of users.

  1. Subject: W-2


The next two most clicked phishing electronic mails got a reply from 10% of end users:

  1. Subject: Company Policy Update for Fraternization
  2. Subject: UPS Label Delivery 1ZBE3112TNY00015011


Other topics that often saw electronic mails opened (2% to 8% of end users) are listed below, most of which pertain to information sent internally within a company. If electronic mail addresses are tricked so it seems the electronic mails come from within, it is obvious that these messages would be opened.

  1. Subject: Revised Vacation and Time Policy
  2. Subject: Staff Analysis 2017
  3. Subject: Urgent Press Release to All Staff
  4. Subject: Deactivation of (electronic mail) in Process
  5. Subject: Please Read: Important from HR


Given the high click rates of several of these messages, they must be included in your safety consciousness training programs and phishing simulation exercises. Through training, it’s possible to decrease the vulnerability of workers to electronic mails scams.