construction insurance company

The Top Phishing E-Mail Subject Lines to Beware of

The stakes for companies who have been hacked are growing with each passing year, and the most common way a business’s database and vital information is exposed is due to employees clicking on malicious e-mail links.

Many attempts to get employees to open and click on dangerous links are crude and easily detectable. But cyber criminals have grown sophisticated and have started employing subject lines and content in the body of their phishing e-mails that looks legitimate enough.

The first line of defense for all organizations is their employees and all it takes is for one of them to click a link in a phishing e-mail that can expose their company to a host of cyber attacks, such as business e-mail compromise and ransomware attacks.

Many of these e-mails recycle the same subject lines again and again, and a recent report by KnowBe4, a cyber security training firm, found that 40% of phishing e-mail subject lines are human resources-related. Also, the body of the e-mail often creates a sense of urgency for the targeted worker to act quickly.

 

Danger signs

You can train your staff to beware if they receive an e-mail with one of these most common subject lines:

  • HR: Vacation Policy Update

  • HR: Important: Dress Code Changes

  • Password Check Required Immediately

  • HR: Your performance evaluation is due

  • Weekly Performance Report

  • LinkedIn: Who’s searching for you online?

  • IT: Internet Report

  • HR: Please update W4 for file

  • Acknowledge Your Appraisal

  • Employee Expense Reimbursement for [[e-mail]]

And the following are the most common bogus e-mail subjects that employees reported to their superiors as suspicious:

  • Equipment and Software Update

  • Mail Notification: You have 5 Encrypted Messages

  • Amazon: Amazon – delayed shipping

  • Google: Password Expiration Notice

  • Action required: Your payment was declined

  • Wells Fargo: Transfer Completed

  • DocuSign: Please review and sign your document

  • IT: IT Satisfaction Survey

  • Zoom: [[manager name]] has sent you a message via Zoom Message Portal

  • Microsoft: Microsoft account security code

Phishing e-mails are also growing more difficult to detect. According to KnowBe4, besides real-looking subject lines, cyber criminals will employ different techniques to lend legitimacy to their e-mails, including:

Spoofing the company’s domain — These e-mails appear to come from the user’s domain, either because someone has spoofed the domain or uses one that is almost identical to the company’s domain.

Branded  — The e-mail body includes the employer’s logo, name and address.

Credentials landing page — A phishing link directs the employee to a data entry or log-in landing page that mimics their employer’s page by using the company’s logo, colors and images.

Most of these e-mails will launch malicious code if the recipient either clicks on a link or opens an attached file, typically a pdf.

Training is paramount

When criminals target an organization for attack, they will often start by doing a deep search online for employees’ e-mail addresses. Sometimes companies will have nearly everyone one of their employees’ e-mail addresses on their website. The more workers a company has, the more susceptible they are to attack.

According to KnowBe4, once they have those e-mails they can start sending the employees e-mails that “supposedly coming from Human Resources, the CEO or perhaps the mail room, and social engineer your users to click on a link.

Besides firewalls and other safety protocols, you should prioritize training your staff to detect and report any suspicious e-mails. First and foremost, they should avoid clicking on links or opening attachments unless they are sure that the e-mail is from a trusted source.

If you would like to speak with us call Gary Wallach at 914-806-5853 or click here to email or click here to visit our website.

BGES Group, located in Larchmont, N.Y. are New York Construction Insurance Specialists that represent 50+ companies and all the BEST general & umbrella liability programs!  We offer every coverage you need including property, builders risk, inland marine, general liability, umbrella liability, auto, bid & performance bonds, workers’ compensation, N.Y.S. disability and group health.  We are extremely responsive, responsible, trustworthy, fast, minimize your insurance headaches, we don’t charge ridiculous policy or service fees and when you call, text or email, whatever time of day, even weekends, we are ARE THERE to help YOU!

BGES Group are Workers’ Compensation Insurance Specialists for Tri-State Business Owners: Unhappy with your rates, company, being cancelled, losses causing difficulty getting coverage, in the middle of an audit dispute, payrolls misclassified, whatever your issue, we can help!  We have special programs for: Auto Service, Contractors (especially New York), Limousine Services, Logistic Companies, Manufacturers, Recyclers, Truckers, we can help ANY tri-state business owner.  We are considered “Preferred Agents” for this one program that if we can get you in, their pricing is excellent, offers long-term coverage stability and can cover multi-state operations. Program takes the hassle out of doing annual audits too.

In addition, we offer all personal insurance coverages including home, auto, boat, jewelry, fine arts, life, disability, health and long-term care.  When was the last time you got a complete check up for all your coverage needs?   We are extremely caring and would love the chance to help you with your personal insurance needs.

BGES Group is an insurance agency whose owner is very responsible, responsive, offers boutique, very personal service and is ALWAYS there when you need him most!

We know reading an article we post or getting an email is not the best way to consider working with someone.  If you are interested, go read our “Google Reviews” and see what people have to say about us!  That can give you the comfort level needed to contact us.

If you would like to speak with us call Gary Wallach at 914-806-5853 or click here to email or click here to visit our website.

Company: BGES Group, 216A Larchmont Acres West, Larchmont, NY 10538

e-mail: bgesgroup@gmail.com

website: http://www.bgesgroup.com

© – Copyright – 2023 – BGES Group

Insurance concept, Businessman holding red umbrella on falling rain with protect with icon business, health, financial, life, family, accident and logistics insurance on city background

Posted in Uncategorized.

Leave a Reply