Despite phishing email attacks related to COVID-19 on the rise, users are becoming more savvy and alert to these types of scams. Real phishing emails that were reported to IT departments related to security-minded users about password checks are steadily rising in popularity.
“With COVID-19 being around for over a year now and employees becoming more aware of the types of scams that have come out related to the pandemic, cybercriminals are having less success with related phishing attacks,” says Stu Sjouwerman, CEO of KnowBe4.
“While users are becoming savvier regarding COVID-19 phishing attacks, there is a steady increase of those falling for security-related email scams. The bad guys go with what works and in Q1, nearly a third of the users who fell for a phishing email clicked on one related to a password check. Always check with your IT department through a known good phone number, email address or internal system before clicking on an email related to checking or changing a password because it only takes one wrong click to cause monumental damage.”
In Q1 2021, KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests – these were the Top 10 General Email Subjects:
- Password Check Required Immediately
- Revised Vacation & Sick Time Policy
- COVID-19 Remote Work Policy Update
- COVID-19 Vaccine Interest Survey
- Important: Dress Code Changes
- Scheduled Server Maintenance — No Internet Access
- De-activation of [[email]] in Process
- Test of the [[company name]] Emergency Notification System
- Scanned image from MX2310U[[domain]]
- Recent Activity Report
