Phishing Attacks Now Focus on HR-Related Subjects, Report Shows

HR-related topics continue to dominate phishing emails sent to employees from various organizations, while the number of messages related to COVID-19 has dropped considerably, according to a report from KnowBe4.

The move to work-from-home and the move back to the office for some employees created confusion over policies implemented in companies. Attackers have been quick to adapt their messages to every stage of the pandemic, using subjects of interest to capture the attention of the possible victims.

Using a simulation that tapped tens of thousands of real email subjects, KnowBe4 came up with a list of general email subjects that fit existing trends for Q2 of 2021. Many of these will likely look familiar.

Top 10 General Email Subjects:

  • Password Check Required Immediately
  • Vacation Policy Update
  • Important: Dress Code Changes
  • ACH Payment Receipt
  • Test of the [[company_name]] Emergency Notification System
  • Scheduled Server Maintenance — No Internet Access
  • COVID-19 Remote Work Policy Update
  • Scanned image from MX2310U@[[domain]]
  • Security Alert
  • Failed Delivery

It’s worth noting that COVID-related phishing is still present and that some of the messages are directly related to people returning to their offices. As more and more people return to the office, these messages are likely to become more common.

KnowBe4 also published some of the more prevalent messages in Q1 2021, and they also mirror people’s interests and concerns.

  • Zoom: Important issue
  • IT: Information Security Policy Review
  • Mastercard: Confirmation: Your One-Time Password
  • Facebook: Your account has been temporarily locked
  • Google: Take action to secure your compromised passwords
  • Microsoft: Help us protect you – Turn on 2-step verification to protect your account
  • Docusign: Lucile Green requests you to sign Mandatory Security Training documents
  • Internship Program
  • IT: Remote working missing updates
  • HR: Electronic Implementation of new HRIS

As usual, the best course of action is always to check the sender of the email, to avoid opening emails and attachments from unknown users, and to use a security solution such as Bitdefender Total Security that’s more than capable of stopping any such attempt.