Phishing is used by many different attackers against their targets, and it has historically been a very profitable attack vector. Phishing emails cost little to send and email is generally accepted by recipients, which makes this an exceptionally flexible tool.
A phishing email may take many different forms, depending on the target. If the target works in the finance department, the email will look different from a general phishing campaign against the whole company. The emails may be tailored to their purpose.
The composition of phishing emails has been studied to learn what entices targets to click and what does not. Cofense, formerly PhishMe, researched this. The study found that the most frequently appearing phishing subject line was “Payment Notification”, at 58%. The next most used subject lines were “New Message in Mailbox” and “Attached Invoice”.
The study also indicated that 7% of received emails in the healthcare industry were malicious. Other industries are at approximately 10%. The healthcare industry is a natural target because of the personal and confidential information and data held in its files and servers, which is very marketable for successful attackers.
Knowledge of the most commonly used subject lines is a tool that can be incorporated into the system. Where email phishing detection is in place, the subject lines may be incorporated into the email filter. In theory, this may also be used to detect phishing, and subsequently lower the infection rate.
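One way an email filter could use the three subject lines above, as an added example that is not from the study or the author: the subject is decoded and normalized first, so that header encoding, invisible characters, spacing and case do not defeat the comparison. The function names and sample messages are assumptions, and a match is one signal for the filter to weigh, since legitimate mail uses these subjects too.

```python
import re
import unicodedata
from email import message_from_string
from email.errors import HeaderParseError
from email.header import decode_header, make_header

# The three subject lines the study reports as most used.
KNOWN_SUBJECTS = ("payment notification", "new message in mailbox", "attached invoice")
_PATTERN = re.compile(r"\b(" + "|".join(map(re.escape, KNOWN_SUBJECTS)) + r")\b")


def normalize_subject(raw):
    """Undo the encodings that let a subject slip past a literal string compare."""
    try:
        text = str(make_header(decode_header(raw or "")))  # RFC 2047 encoded-words
    except (HeaderParseError, LookupError, UnicodeError):
        text = str(raw or "")  # undecodable header: fall back to the raw value
    text = unicodedata.normalize("NFKC", text)  # fullwidth letters -> plain letters
    # Drop invisible format characters (zero-width space/joiner, soft hyphen).
    text = "".join(ch for ch in text if unicodedata.category(ch) != "Cf")
    return re.sub(r"\s+", " ", text).strip().casefold()


def subject_signal(raw_message):
    """Return the known subject line found in the message, or None."""
    msg = message_from_string(raw_message)
    hit = _PATTERN.search(normalize_subject(msg.get("Subject")))
    return hit.group(1) if hit else None


# Constructed sample messages (not real mail).
SAMPLES = [
    "From: billing@example.com\nSubject: Payment Notification\n\nSee attached.",
    "From: it@example.com\nSubject: =?utf-8?q?New_Message_in_Mailbox?=\n\nClick here.",
    "From: ap@example.com\nSubject: RE: Attached\u200b  INVOICE #4471\n\nPlease review.",
    "From: hr@example.com\nSubject: Team lunch on Friday\n\nPizza.",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(subject_signal(sample))
```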
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.