
Phishing emails about couriers, IT support and HR get the most clicks

As many ways as there are to crack a company’s defenses, phishing remains one of the most effective ways to launch an attack.

A well-crafted phishing email can be a disaster for a company and, unfortunately, cybercriminals are only getting more convincing in their efforts to breach defenses. To showcase just how convincing phishing emails can be, Kaspersky examined phishing simulator data from its Kaspersky Security Awareness Platform.

The platform allows an administrator to craft mock phishing emails that mimic what one might encounter in the wild. The platform can help companies understand how much cybersecurity awareness training is needed.

Upon examining data from the platform, Kaspersky found five email subject lines that get employees to open the email and click.

Those subject lines are:

  • Failed delivery attempt – Unfortunately, our courier was unable to deliver your item. Sender: Mail delivery service. Click conversion: 18.5%
  • Emails not delivered due to overloaded mail servers. Sender: The Google support team. Click conversion: 18%
  • Online employee survey: What would you improve about working at the company. Sender: HR Department. Click conversion: 18%
  • Reminder: New company-wide dress code. Sender: Human Resources. Click conversion: 17.5%
  • Attention all employees: new building evacuation plan. Sender: Safety Department. Click conversion: 16%

Curiously, Kaspersky found that emails which offer instant benefits were less successful. Simulated phishing templates offering free Netflix and $1 000 were clicked by as few as one percent of users.

What this tells us is that cybercriminals are preying on the anxiety some employees may have about work, and that approach hits the mark. Truth be told, coming out of a pandemic and amid an ongoing recession, the fear of losing your job is one many have, and it likely inspires folks to click links they otherwise may not have.

Understanding employees and public discourse is incredibly important to cybersecurity, as Elena Molchanova, head of security awareness business development at Kaspersky, explains.

“Phishing simulation is one of the simplest ways to track employees’ cyber-resilience and evaluate the efficiency of their cybersecurity training. However, there are significant aspects that must be considered when conducting this assessment to make it really impactful,” says Molchanova.

“Since the methods used by cybercriminals are constantly changing, the simulation has to reflect up-to-date social engineering trends, alongside common cybercrime scenarios. It is crucial that simulated attacks are carried out regularly and supplemented with appropriate training – so users will develop a strong vigilance skill that will allow them to avoid falling for targeted attacks or so-called spear phishing,” she concludes.
