Connect with us


HR-disguised phishing emails duping staff worldwide: report



Most popular phishing emails from ‘HR’

The full list includes:

  • “Possible typo (15%)
  • “HR: Important: Dress Code Changes” (11%)
  • “HR: Please update W4 for file” (11%)
  • “Adobe Sign: Your Performance Review” (10%)
  • “HR: Vacation Leave Notice: Plan Your Time Off Now!” (10%)
  • “HR: Vacation Policy Update” (9%)
  • “HR: Your training is past due” (9%)
  • “Google: You were mentioned in a document: ‘Strategic Plan Draft’” (9%)
  • “You have a new voicemail” (8%)
  • “Bad customer review received – Please take action ASAP” (8%)

The list is more diverse than the phishing email subjects from KnowBe4’s report last year. This time, malicious emails also appear to come from IT and managers, and are even disguised as tax-related emails.

“These attacks are effective because they could potentially affect users’ daily work, and cause a person to react before thinking logically about the legitimacy of the email,” KnowBe4 said in an infographic.

There are also phishing emails disguised as holiday, event, and survey messages from the HR department, according to the report. They include:

  • “HR: Change in Holiday Schedule”
  • “HR: Happy 4th of July Message”
  • “HR: Juneteenth Survey”
  • “HR/July 4th: RSVP for Company BBQ”
  • “Juneteenth Celebration Sign-up”

Fighting phishing emails and cyberattacks

Various organisations across the world are reporting that they are being targeted by cyberattacks, and some executives are growing concerned that their company could be next.

Read the full article here