top of page
  • mark13908

10 Subject lines you should watch out for to avoid phishing scams

Phishing schemes seem to be one of those always present annoyances that never seem to go away. The threat of phishing remains prevalent and scammers are becoming more convincing every day. Long gone are the days of Nigerian princes offering a 2 million dollar reward, now it is far more likely that ‘Google’ or ‘Facebook’ wants something from you, and it pays to be extra vigilant when this is the case.


A report from security awareness training organisation KnowBe4 has revealed a collection of the top-clicked phishing emails of 2020, Showing work-related email subjects as some of the top contenders. These may consist of policy changes, remote working access, or coronavirus updates.

These are not all hypothetical scenarios, they are taken from both real and simulated phishing scams that have been successful in convincing a person to click the link and enter their details. However, it is worth noting that social media messages are another area where phishing is on the rise, with LinkedIn phishing messages dominating the top spot for social media email subjects to watch out for.

In Q4, KnowBe4 scanned tens of thousands of email subject lines including subject lines that show actual users received and reported to their IT departments as suspicious.

Although these were indeed tests, the following list should provide an insight into what emails you need to be extra thorough with when they make their way into your inbox.

Top 10 General Email Subjects

  • Password Check Required Immediately

  • Touch base on meeting next week

  • Vacation Policy Update

  • COVID-19 Remote Work Policy Update

  • Important: Dress Code Changes

  • Scheduled Server Maintenance -- No Internet Access

  • Deactivation of [[email]] in process

  • Please review the leave law requirements

  • You have been added to a team in Microsoft Teams

  • Company Policy Notification: COVID-19 - Test & Trace Guidelines

Top 10 Subjects Received From Report

  • IT: Annual Asset Inventory

  • Changes to your health benefits

  • Twitter: Security alert: new or unusual Twitter login

  • Amazon: Action Required | Your Amazon Prime Membership has been declined

  • Zoom: Scheduled Meeting Error

  • Google Pay: Payment sent

  • Stimulus Cancellation Request Approved

  • Microsoft 365: Action needed: update the address for your Xbox Game Pass for Console subscription

  • RingCentral is coming!

  • Workday: Reminder: Important Security Upgrade Required

Although the previous subject lines may not relate to you, it is crucial to note that these subject lines have been proven successful in the past. You should exercise extreme caution and thorough examination of the email before entering any details or clicking any buttons/ links. If you are curious about how to spot a phishing email, read our article on how to spot a phishing email.

41 views0 comments


  • Facebook
  • LinkedIn
  • Twitter
bottom of page