These phishing email subjects get the most clicks
It is nearly impossible to block all phishing emails before they land in user inboxes; this is true for home users and company employees alike. While the bulk is filtered out, some emails manage to bypass filters to land in the user's inbox.
Users exposed to phishing emails react differently, and one deciding factor is the subject line of the email according to research published by Kaspersky.
While it is nearly impossible to run scientific tests in real world environments, phishing simulators come close to the real deal. Security companies and organizations may use phishing simulators in employee trainings.
According to data from Kaspersky's Security Awareness Platform , subject lines that appear to be work or user related get the most clicks. System administrators may use Kaspersky's platform to mimic phishing emails, track results and use the data to raise awareness among employees. Kasperksy's study included results from over 29,500 employees from 100 countries.
Nearly one in five employees clicked on links in the the most effective fake phishing email: 18.5% of employees fell for the email with the subject "Failed delivery attempt – Unfortunately, our courier was unable to deliver your item".
The following table lists the phishing emails with the highest clickthrough ratios.
| Subject | Sender | Clickthrough |
|---|---|---|
| Failed delivery attempt -- Unfortunately, our courier was unable to deliver your item | Mail delivery service | 18.5% |
| Emails not delivered due to overloaded mail servers | The Google support team | 18% |
| Online employee survey: What would you improve about working at the company | HR Department | 18% |
| Reminder: New company-wide dress code | Human Resources | 17.5% |
| Attention all employees: new building evacuation plan | Safety Department | 16% |
Kaspersky notes that other subjects, including booking reservation confirmations, order placement confirmations, or IKEA contest announcements, have high clickthrough ratios as well.
Emails that contain threats or "instant benefits" had lower clickthrough ratings according to Kaspersky. Emails that claimed to have hacked a user's computer and know the search history had a 2% clickthrough rating, while free Netflix offers and $1000 tricked only 1% of employees.
The difference may be partially explained by the work context in which the phishing simulation was carried out in. A Netflix offer may have more appeal to home users than employees. Similarly, threats that a computer has been hacked may weight more when it is a personal computer.
Kaspersky recommends that organizations intensify employee training to raise phishing email awareness. The teaching of basic phishing email signs, such as inconsistent sender addresses, suspicious links or dramatic subject lines, may weed out a good percentage of emails.
Well crafted phishing emails make it difficult to determine whether they are legitimate or not. Employees should contact the IT department when in doubt before opening the email or reacting to it.
Closing Words
It does not take a rocket scientist to come to conclude that phishing emails that users can relate to work best, but the click through numbers sound awfully high for this day and age. Phishing may lead to all sorts of issues, from planting malware in a company network to stealing authentication information and ransomware.
Now You: have you encountered phishing emails recently? How do you verify that emails are legit?
You said that Outlook isn’t your main email client, so which is your main one?
I think its thunderbird
It is Mozilla Thunderbird.
Awesome! This actually solved my problem… what a stupid bug.
If this is the same bug that I’ve encountered, there may be another fix: (1) hover over open Outlook item in Taskbar, cursor up to hover over Outlook window item, and right-click; (2) this should give you Restore / Move / Size / Minimize / Maximize — choose Move or Size; (3) use your cursor keys, going arbitrarily N/S/E/W, to try to move or size the Outlook window back into view. Basically, the app behaves as though it were open in a 0x0 window, or at a location that’s offscreen, and this will frequently work to resize and/or move the window. Don’t forget to close while resized/moved, so that Outlook remembers the size/position for next time.
THANK YOU Claude!!! I could get the main window to launch but could not get any other message window to show on the desktop. You are my hero!!!!
Solved my issue! 6 years later and this is still problem…
Fantastic. Thank you. Size did the trick.
This solved my Outlook problem, too. Thank you. :)
Thank you so much, this started happening to me today and was causing big problems. You are a life saver, I hope I can help you in some way some day.
You are a god – thank you!
thanks a lot…. work like charm.. :-)
Yah…thanks Claude. I’ve been having the same problem and tried all the suggestions…your solution was the answer. It had resized itself to a 0/0 box. Cheers
Excellent post. This had me baffled even trying to accurately describe the problem. This fixed it for me.
Thank you
Thanks a lot for the article. Don’t know why it happenend, don’t know how it got fixed, but it was really annoying and now it works :-)
Thanks a lot. I was facing this issue from past 3 week. I tried everything but no resolution. The issue was happening intermittently and mainly when I was changing the display of screen ( as i use 2 monitors). The only option i had was to do system restore. But thanks to you.
I’ve been tried to sole this problem for 12hours. Your comment about changing the display of screen helped me a lot!! Thanks!!
Thank you…don’t know why this happened but your instructions helped me fix it. Running Windows 10 and office pro 2007
Great tip! Thanks!
Worked for me, too – thank you!!!
It’s Worked for me, too
thank you very much!
I had a similar issue with Outlook 2013 on Windows 10 and this helped me to fix it. Thank you very much!
Thank you so much. Solved!
Considering you published this in 2012, incredible not been debugged by Microsoft.
Thank you again. M
This problem was faced by only one user logging to TS 2008 r2 using outlook 2010.The issue was resolved.
Thanks.
Great tip. Thank you!!!! If it helps, I had to use the Control Key and the arrow keys at the same time to bring my window back into view. Worked like a charm.
Thank you, this worked !!!!
Man, you are a fucking god. Thanks a lot, what an annoying bug!!
Awesome, this post solved the issue. Many thanks!