Beware of emails with social media in the subject line!
The security company KnowBe4 puts the growth rate of social media phishing attacks - i.e. attacks with a social media reference in the subject line of fake emails - at 75% this year. In particular, the company warns against 'LinkedIn' in the subject line.
'Phishing' is a derivative of 'fishing': the fraudster 'fishes' for confidential, personal data by directing the user via a link - for example in an email - to a supposedly familiar but fake website. The user then voluntarily discloses their data.
KnowBe4 is a provider of an integrated platform for security awareness training and simulated phishing. As part of a recent study, the company analyzed tens of thousands of simulated phishing tests. The result: 56% of the emails with the highest open rates had 'LinkedIn' in the subject line - more than all other social media phishing emails combined. "It feels good to join a network or connect in some way with colleagues or business contacts. Users inherently trust their 'verified' contacts, so they're more likely to click on a link sent by one of those contacts," said Stu Sjouwerman, CEO at KnowBe4, on why this type of cyberattack is so pervasive. "It is therefore becoming increasingly difficult to identify phishing attacks."
According to Stu Sjouwerman, CEO of KnowBe4, it is becoming increasingly important that employees know how to recognize a phishing attack. They are a company's last line of defense.
The most suspicious subject lines identified by KnowBe4 with the highest open rates are:
- LinkedIn: 56%
- Login alert for Chrome on Motorola Moto X: 9%
- 55th anniversary and pizza party: 8%
- Your friend tagged a photo of you: 8%
- Facebook password reset verification: 8%
- Your password was successfully reset: 6%
- New voice message at 1:23 am: 5%
In addition to examining phishing emails with social media subject lines, the study authors found that phishing tests that focused on password management were also very "successful": As many as 35% of users clicked on the links in the test emails. Furthermore, 'in-the-wild attacks' - i.e. real phishing emails and not simulated ones - were most successful when they asked the recipient to take action - such as inviting them to share an Outlook calendar or assigning them a task on a Microsoft platform.
The security awareness specialist emphasizes that employees are most effective as a company's last line of defense when they are continuously trained and tested for the latest phishing threats. To this end, KnowBe4 introduced the 'Social Media Phishing Test' in June 2019. This free test is designed to help IT and security professionals in organizations of all sizes to better identify users who are likely to open a phishing email originating from a social media site such as Facebook, LinkedIn or Twitter.











