KNOWBE4 PHISHING TEST RESULTS REVEAL TREND TOWARDS BUSINESS- RELATED EMAILS
nowBe4 , the
K provider of some of the world ’ s largest security awareness training and simulated phishing platform , has announced the results of its Q3 2022 phishing report .
The results include the top email subjects clicked on in phishing tests and reflect the shift from personal to businessrelated email subjects including internal requests and updates from Human Resources , IT and managers .
Phishing emails regularly plague organisations around the globe . Research from cloud and email security specialist , Avanan , reveals that nearly 19 % of phishing emails were bypassed by the anti-malware app , Microsoft Defender . This is a key indicator as to why technology and email filters cannot be relied on as the sole method of protection against malicious emails .
Business phishing emails have always been effective and continue to be successful because of their potential to affect a user ’ s workday and routine . Q3 ’ s phishing test results reveal that 40 % of email subjects are HR-related , creating a sense of urgency in users to act quickly , sometimes before thinking logically and taking the time to question the email ’ s legitimacy . Last year ’ s phishing test also revealed the top vector for this quarter to be phishing links in the body of an email . These combined tactics can have destructive outcomes for organisations and lead to a multitude of cyberattacks such as ransomware and Business Email Compromise ( BEC ).
Along with reflecting a shift towards the use of more business-related emails , Q3 ’ s phishing test reveals a shift away from the use of personal-related emails such as those from social media . In fact , Q3 ’ s phishing report is the first of 2022 that does not attribute social networking or social media sites as a top email subject category .
“ As phishing emails evolve and become more sophisticated , it is imperative that organisations prioritise security awareness training for all employees , now more than ever ,” said Stu Sjouwerman , CEO , KnowBe4 . “ Phishing emails that disguise themselves as internal communications are especially concerning since they are sure to grab the attention of users and typically incite action . New-school security awareness training for employees helps combat phishing and malicious emails by educating users on what to look out for – it is the key to creating a healthy level of scepticism to better protect an organisation and build a stronger security culture .” u
Q3 ’ s phishing test results reveal that 40 % of email subjects are HRrelated , creating a sense of urgency in users to act quickly , sometimes before thinking logically and taking the time to question the email ’ s legitimacy .