Don't get hooked on the Subject LinePosted in Blogs on 26/06/20
Despite employers’ best efforts to train and educate their workers, users who get phished still open roughly one-third of all such messages.
Hackers commonly bait and then reel-in users by combining emotion, fear, urgency and curiosity with familiar subjects like document review, credentials and shopping. Notably many phishing subject lines are short and non-specific, here are some of the most prevalent and effective phishing subject-line topics, have you seen any before?
- “Re: Reminder: [Update News Statement] Log-in recently your account result from Paypal: ID00318677 attachment (PDF)
Let’s dissect the above:
“Re: Reminder: [Update News Statement] Log-in recently your account result from Paypal: ID00318677 attachment (PDF)
Re: implies it is a response, that you have already spoken to them and they are simply replying. Paypal: as you can see is spelt wrong, PayPal has a capital P at the beginning and the middle. Attachment (PDF): You should always be wary around PDF’s, if you are not expecting one, call the sender to find out what it is.
- “Good offer from International Company”
Once again, lets dissect:
“Good offer from International Company”
What are you selling? What is your company name? Who are you? Emails you receive whether you are expecting them or not, should be clear. Who is the person sending the email, what do they do and what exactly are they providing?
- “Your account has been limited”
Are you expecting this email? If you’re not, report it to your IT team, they can investigate before you make any changes
What is Phishing?
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.
Sharing is Caring #CrusadeCS
Why Password Security MattersPosted in Blogs on 06/05/21
The Great Crusade Egg HuntPosted in Blogs on 01/04/21
Speed DatingPosted in Blogs on 14/02/21
How Crusade's secret agent can help protect you from ransomware.Posted in Blogs on 10/02/21