Did you know an average of 90% of successful cyberattacks begin with a phishing scam?
“Phishing” is an umbrella term used to describe an email scam where the sender attempts to trick you into handing over valuable information such as account credentials, banking information, tax file numbers, or other sensitive data.
The email will appear to come from a trusted entity like Google, Dropbox, PayPal, your bank, the Taxation Office or even a form of law enforcement.
Most Common Threats in Emails
Thanks to researchers, we now know the most common subject lines used in spear phishing emails to reel in victims.
By far the most common subject used is simply ‘Request’ – accounting for over one third of the phishing messages analysed. The most common subject lines used by hackers are based on the following key phrases:
- Follow up
- Are you available?/Are you at your desk?
- Payment Status
- Invoice Due
- Direct Deposit
‘Are you at your desk’ uses the trick of familiarity to try to coax victims into falling for the attack, while subjects suggesting the email is part of a previous conversation (‘Re’) are used for a similar goal – to trick the user into trusting the sender.
Apart from educating employees, rogue emails can be stopped at your internet gateway before they become a risk.
We’ve assisted many clients in Australia to introduce robust defences against ransomware, business email compromise and phishing, with email protection based on properties such as senders, recipients, message subjects, and content.
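To show what a subject-based check at a mail gateway can look like, the following Python example (added here, not part of the original article or of any product it describes) flags the key phrases listed above and a ‘Re:’ prefix on a message that carries no threading headers. The function name, flag labels and sample messages are constructed for illustration, and treating a missing In-Reply-To/References header as a sign of a fake reply is a heuristic assumed here.

```python
import re
from email import message_from_string, policy

# Key phrases from the list above, plus 'Request', which the text names separately.
KEY_PHRASES = ["request", "follow up", "are you available", "are you at your desk",
               "payment status", "invoice due", "direct deposit"]
REPLY_PREFIX = re.compile(r"^\s*(re\s*:\s*)+", re.IGNORECASE)

def subject_flags(raw_message: str) -> list[str]:
    """Return heuristic flags for one raw RFC 5322 message (hypothetical helper)."""
    # policy.default decodes RFC 2047 encoded-word subjects for us.
    msg = message_from_string(raw_message, policy=policy.default)
    subject = str(msg.get("Subject", ""))
    flags = []
    # A genuine reply normally carries In-Reply-To or References headers.
    if REPLY_PREFIX.match(subject) and not (msg.get("In-Reply-To") or msg.get("References")):
        flags.append("reply-prefix-without-thread-headers")
    # Drop the prefix, lowercase, and collapse punctuation so 'Follow-up' matches.
    core = REPLY_PREFIX.sub("", subject)
    normalized = re.sub(r"[^a-z0-9]+", " ", core.lower()).strip()
    for phrase in KEY_PHRASES:
        if re.search(r"\b" + re.escape(phrase) + r"\b", normalized):
            flags.append("phrase:" + phrase)
    return flags

# Constructed sample messages (not real traffic).
SAMPLE_FAKE_REPLY = (
    "From: accounts@example.test\nTo: staff@example.test\n"
    "Subject: Re: Invoice due\n\nPlease see attached.\n")
SAMPLE_ENCODED = (
    "From: ceo@example.test\nTo: staff@example.test\n"
    "Subject: =?utf-8?Q?Are_you_at_your_desk=3F?=\n\nQuick favour.\n")
SAMPLE_REAL_REPLY = (
    "From: colleague@example.test\nTo: staff@example.test\n"
    "Subject: Re: Lunch on Friday\n"
    "In-Reply-To: <msg-001@example.test>\n\nSounds good.\n")

if __name__ == "__main__":
    for name, raw in [("fake reply", SAMPLE_FAKE_REPLY),
                      ("encoded subject", SAMPLE_ENCODED),
                      ("real reply", SAMPLE_REAL_REPLY)]:
        print(name, "->", subject_flags(raw))
```

These phrases also appear in ordinary business mail, so the flags are better used as inputs to a score alongside sender and content checks than as a block rule on their own.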