Beware of the 'password check' phishing scam - it's the one you're most likely to fall for

Close to half of all users in simulated phishing tests fell victim to an "urgent message" scam asking them to check a password immediately.

This was revealed by KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, in its latest phishing report covering the third quarter of 2019.

KnowBe4 examined tens of thousands of e-mail subject lines from simulated phishing tests during this period. The results found that simulated phishing tests with an urgent message to check a password immediately were the most effective, with 43% of users falling for it.

The report found that the 10 most-clicked general e-mail subject lines globally for the period were:

• "Password Check Required Immediately";
• "A Delivery Attempt was made";
• "De-activation of [e-mail address] in Process";
• "New food trucks coming to [name of company]";
• "Updated Employee Benefits";
• "Revised Vacation & Sick Time Policy";
• "You Have A New Voicemail";
• "New Organizational Changes";
• "Change of Password Required Immediately"; and
• "Staff Review 2018".

Social media messages are another area of concern when it comes to phishing. KnowBe4’s top-clicked social media e-mail subjects reveal that LinkedIn messages were the most popular (at 48%), followed by Facebook (37%).

Stu Sjouwerman, the CEO of KnowBe4, said internet users are becoming more security-minded as cybersecurity threats persist. “They have a vested interest in protecting their online lives, so a message that sounds urgent related to their password can entice someone to click," he said.

“The bad guys are always looking for clever ways to trick end-users, so they need to remain vigilant.”

The report also examined "in-the-wild" e-mail subject lines, which show actual e-mails that users received and reported to their IT departments as suspicious. 

The 10 most clicked "in-the-wild" subject lines were:

• "Skype: New Unread Voicemail Message";
• "Transaction Refund";
• [A person's name] shared a document with you";
• "Microsoft Teams: Please authenticate your account";
• "Bonus payments for selected employees";
• "Cisco Webex: Your account is blocked";
• "Amazon: Billing Address Mismatch";
• "USPS: High Priority Package: Track it now!";
• "Verizon: Security Update"; and
• "Adobe Cloud: Shared a file with you on Adobe Cloud".