The document discusses common phishing email subject lines and tactics that employees should be aware of. It provides examples of subject lines that aim to create a sense of urgency like needing to update passwords or billing information. Others mention sharing confidential documents or detecting unusual account activity. The document warns employees not to click links in suspicious emails and to be aware that phishing attacks often disguise themselves as important work communications.
2. Phishing attacks are fraudulent
forms of communication that can
compromise all kinds of
data sources, even
though they seem
to be coming from a
reliable source.
Here are some of
the top phishing
email subject lines
that every staff
should be aware of:
www.infosectrain.com
@infosectrain #
l
e
a
r
n
t
o
r
i
s
e
3. Need to check the
password immediately
01
www.infosectrain.com
@infosectrain #
l
e
a
r
n
t
o
r
i
s
e
This title tag is menacing because it
emphasizes a problem affecting
workplaces everywhere: expired
passwords. Keep an eye out for
the following variations on
this email subject line:
Passwords must be changed immediately
1
Office 365: change your password immediately
2
Slack: password reset for the account
3
login
username
password
remember me
4. Billing information
is out of date
02
www.infosectrain.com
@infosectrain #
l
e
a
r
n
t
o
r
i
s
e
Another strategy attackers use is an email
that alleges an account’s billing information
needs to be updated. See the email
Dear customer,
It has come to our attention
that your account billing information
records are out of date. That needs to
be updated. Failure to update your records
will result in account termination. Please
click the link below to update your
billing information.
5. Confidential information
about covid-19
03
www.infosectrain.com
@infosectrain #
l
e
a
r
n
t
o
r
i
s
e
Please check the new
vaccination information.
A list of highly secure
test locations. People enjoy
keeping secrets because
they make them feel
special and significant.
We feel even more
pressure to click on emails that
promise to inform us of life-changing
information, like COVID-19.
6. Dropbox: Document
shared with you
04
www.infosectrain.com
@infosectrain #
l
e
a
r
n
t
o
r
i
s
e
Dropbox is frequently used in offices to
share media files like
documents and
images, and the
file attachments
that come with
these files are
frequently vectors
for malware.
7. Attention: unusual
account activity detected
05
www.infosectrain.com
@infosectrain #
l
e
a
r
n
t
o
r
i
s
e
Danger! Alert! Take action now!
That is what this subject line
screams, and it will
coerce the workers to open
the email in search of more
information
8. Earn money working
from home
06
www.infosectrain.com
@infosectrain #
l
e
a
r
n
t
o
r
i
s
e
After covid-19, working from home is
common, and attackers take advantage
of this by presenting bogus work-from
home and freelance opportunities.