If you get an email that says “Password Check Required Immediately,” open it at your peril.

It’s the most common phishing email subject line used by scammers, according to the cyber-security site KnowBe4.

The next most popular scam lines: “A Delivery Attempt Was Made,” “Deactivation of Your Email Is in Progress,” and “New Food Trucks Coming to [Your Company’s Location].”

“KnowBe4 reports on the top-clicked phishing emails by subject lines each quarter in three different categories: subjects related to social media, general subjects, and ‘In the Wild,’” reports KnowBe4. “We get those results from the millions of users that click on our Phish Alert Button to report real phishing emails and allow our team to analyze the results.”

Sign up today for our December 12 webinar on Cybersecurity, Social Engineering and Email Phishing. It’s a free benefit of membership in Alta Pro Lawyers RPG.  Find out how to join here.

Password Management Scams On the Rise
“Aside from social media-related messages, general subject lines related to password management were highest on the list once again,” reports KnowBe4. “Another common theme is HR-related messages that mention benefits, organizational changes and staff review. In-the-wild attacks – those that were real phishing emails and not KnowBe4 templates – found the greatest success when they asked for action from the recipient or promised something of value.”

Top 10 General Email Phishing Lines

1. Password Check Required Immediately
2. A Delivery Attempt Was Made
3. Deactivation of Your Email Is in Progress
4. New Food Trucks Coming to [Your Company’s Location]
5. Updated Employee Benefits
6. Revised Vacation and Sick Time Policy
7. You Have a New Voicemail
8. Organizational Changes
9. Change of Password Required Immediately
10. Staff Review 2018

“Hackers are playing into employee’s desires to remain security-minded. Their curiosity is piqued with delivery attempt messages and HR-related messages that could potentially affect their daily work. And everyone loves a good food truck!”

LinkedIn and Facebook Email Scams
The fall hiring season is in full swing, with more than 20 million jobs posted online. That makes LinkedIn the perfect platform for scammers.

Phony LinkedIn messages accounted for 48 percent of all social media-related phishing scams. Popular subject lines: “Add Me,” “You Appeared in These Searches,” “Profile Views,” “LinkedIn Password Reset” and “Deactivation Request.”

“Nearly half of all social media-related phishing emails imitated LinkedIn messages,” according to KnowBe4. “This is a trend we are seeing each quarter, likely because there is a perception that these emails appear to be legitimately coming from a professional network. It’s a significant problem because many LinkedIn users have their accounts tied to their corporate email addresses.”

Facebook subject lines are also picking up steam. Common phishing lines: “Someone Mentioned You,” Your Friend Tagged You in Photos” and “Primary Email Changed.” 

Are you a member of Alta Pro Lawyers RPG? If so, you get a 10% discount on Clio software and cloud-based products, not to mention free CLE webinars and 24/7 access to the Pro Practice Playbook. Not a member? Learn how to join here.