Mytek Logo
MyTek Logo

The Most Popular Subject Lines for Phishing Threats are Revealing

by | Nov 8, 2021 | MyTek Blog, Security


Subscribe To The Blog

By subscribing to the blog, you will be notified when a new blog post is created on the site.

A well-placed and timed phishing email can trick even the best and most cautious employees. Today we’re going to be taking a look at what makes these tricks successful and what subject lines you should be watching out for in a common phishing email. You might be shocked at the results that were found in a recent study.

In a report published by Expel, they revealed the most common subject lines used in a phishing email. These usually urge the reader to take immediate action. For employees that don’t think twice before downloading an attachment, this could be troublesome. 

Expel took a look at 10,000 malicious emails and compiled a list of keywords that were commonly used. The sense of urgency makes sense, but there are also other tactics used to get people to open their attachments.

Ben Brigida, Director and SOC of Operations at Expel, had this to say regarding the matter: “Attackers are trying to trick people into giving them their credentials. The best way to do this is to make the email look legitimate, prompt one clear action and lace it with emotion – urgency or fear of loss are the most common… The actions are as simple as ‘go to this site’ or ‘open this file,’ but the attacker wants you to be moving too fast to stop and question if it’s legitimate.”

The more direct and simple an email is, the more likely it will be that it will work. The emails are often composed in a simple way that makes it seem like it could be from a legitimate business source. Here are three of the most common.

  • Missing Inv ####; From [Legitimate Business Name]
  • INV####

These three subjects lines have to do with invoices, so an employee will think they are legitimate. One mentions something missing, which will invoke urgency in the reader. Out of all of the invoices they may be receiving on the daily, an email like this might not look suspicious. 

There might also be words like “verification required,” “required,” or action or service requestions. 

To stop common phishing emails like this from even reaching your team, reach out to MyTek today for help at 623-312-2444.


Tim - Team

Tim Tiller, LMSW

Tim Tiller, MSW brings a deep service background to his role at Mytek, having graduated from McDonald’s management training program, fresh out of high school, and working his way up through the ranks in the hospitality industry. He has led two prior companies – Multi-Systems Inc., an IT-focused organization providing technology to hospitality companies (where he was named President at age 36), and most recently, as Chief Operating Officer for Jewish Voice Ministries International.


Subscribe To This Author

By subscribing to the author, you will be notified when a new blog post is created by the author.


Top 5 Hardware Monitoring Software 

Did you know that almost 40% of servers had at least one outage in the last twelve months? Veeam reports that the most common reason for outrages is infrastructure failure which puts the current hardware monitoring practices under the scanner. Hardware failures are...

Types of Mobile Malware & How to Defend Against Them

Malware has a long history of undermining computer security and stealing critical data. With the rapid growth of mobile usage, we're now seeing a new breed of mobile malware infecting smartphones and tablets. The new-age mobile malware are more advanced, seamless, and...

How to Protect Your Data Privacy & Enhance IT Security

Every time you use a device, you enter, modify or access data. Some of your usages are routine and public but sometimes you perform tasks that are confidential in your personal life or business. Naturally, this type of data is private and it should be kept that way....

Mobile? Grab this Article!

QR Code

Blog Archive

Share This