Here are the subject lines of the top phishes that users clicked on:
- Sharepoint File Via SharePoint – 28% clicked
- Job Opportunity – 21% clicked
- URGENT: Phishing Incident – 17% clicked
For context, across all phishing simulations sent, the average click rate is 5%.
Each of these top phishes is very different in what tactics are being employed to get users to click. The first one is masquerading as an everyday business process notification, the second one is presenting an exciting opportunity, and the third is inciting immediate action using fear and urgency tactics. Employees should be on the lookout for all types of common phishing tactics.
Top-reported phishing simulations
It’s also interesting to see which type of phishing emails users successfully reported to IT. These simulations weren’t fooling too many people, but they gave users an opportunity to keep practicing the habit of reporting emails to IT.