fbpx

The single most effective way to protect your business from attack is by catching phishing emails before someone opens them

Phishing emails try to trick your staff into opening the door to cyber criminals. These attacks are very dependent on the email headline. An attractive headline is critical to inducing your staff to open the email and read its content.

Here are some of the email headlines that you should watch out for this year.

Those that try to create a sense of urgency

According to cybersecurity firm Barracuda, who analyzed 360,000 phishing emails, the most common headlines try to get your employees to act right away, before they have time to think.

Example headlines:

  • “Your Password Has Been Breached, Please Confirm Your New Address”
  • “The Deactivation of [Your Email] Has Been Requested”
  • “A Delivery Attempt Was Made Here”
  • “Our Vacation & Sick Leave Policy Has Been Updated”

When in doubt, have your employees verify any urgent request with an email or phone call.

What to do? Train your employees to take time to analyze any email with an urgent call to action, paying close attention to verifying the email account in the address lines, how names are spelled, and other details.

phishing headlines to watch out for

Free Tip Sheet

Share this tip sheet with your team, or print it and hang in common areas as a reminder of these dangerous phishing attempts.

14 + 15 =

Beware email headlines that mention expenses or payments

Any headline that mentions the transfer of funds should also be met with great suspicion, as they’re commonly used in phishing attacks. These email headlines could take many forms:

Posing as an Angry Client or Customer
• “Help with Problem in Invoice [XXXXX]”
• “Please Process My Request for a Refund”

Business Email Compromise Attacks
These attacks try to convince a lower-level employee that a decision maker is compelling them to take a certain action, often involving company finances. 
• “Have You Remitted Payment to (Company) Yet?”
• “Please Get This Invoice Paid ASAP”

Whaling Attacks
The inverse of a BEC attack is called a whaling attack. It’s when you target senior staff with a personalized message that tricks them into divulging important company information.
• “Do You Have (Employee’s) W-2 Form?”
• “Please Verify This Account Information”

 

According to Verizon’s Data Breach Investigations Report, 30% of whaling emails get opened by targeted users and 12% of those users click on the link inside.

Complete Network Can Help You Defend Against Phishing Threats

Phishing threats are pervasive and highly effective. If your business has been victim of a phishing attack or feels vulnerable to phishing attacks, it’s time to get serious about security. Complete Network has been helping businesses in Albany, New York and Charlotte, North Carolina mitigate the threat of phishing attack for 20 years.

Our friendly team is always happy to answer your questions and help you get on the right track to strong cybersecurity. Contact us any time at 877.877.1840 or [email protected]

need help?

The team at Complete Network can help you solve any IT support issue you’re facing and identify cybersecurity risks. Schedule a comprehensive consultation today.