KnowBe4 Releases Q4 2018 Top-Clicked Phishing Subject Lines

Aggregate 2018 full year data shows specific topics get users to click quarter-over-quarter

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, reports on the top 10 most-clicked phishing subject lines. These subject lines could be part of a simulated phishing test sent to KnowBe4 users, or ‘in-the-wild’ emails that KnowBe4 users received and reported to their IT department as possible phishes. In reviewing the Q4 2018 most clicked subject lines, trends were easily identified; five subject line categories appeared quarter-over-quarter throughout 2018, including:

  • Deliveries
  • Passwords
  • Company Policies
  • Vacation
  • IT Department (in-the-wild)

Additionally, three “in-the-wild subject lines” were clicked three out of four quarters, and included Amazon, Wells Fargo and Microsoft as keywords.Q42018

“Clicking an email is as much about human psychology as it is about accomplishing a task,” said Perry Carpenter, chief evangelist and strategy officer at KnowBe4. “The fact that we saw ‘password’ subject lines clicked four out of four quarters shows us that users are concerned about security. Likewise, users clicked on messages about company policies and deliveries each quarter showing a general curiosity about issues that matter to them. Knowing this information gives corporate IT departments tangible data to share with their users and to help them understand how to think before they click."

Rounding out its quarterly reviews, in Q4 2018 KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. The company also examined ‘in-the-wild’ email subject lines that show actual emails users received and reported to their IT departments as suspicious. The results are below.

The Top 10 Most-Clicked General Email Subject Lines Globally for Q4 2018 include:

  • Password Check Required Immediately/Change of Password Required Immediately 19%
  • Your Order with Amazon Order Receipt 16%
  • Announcement: Change in Holiday Schedule 11%
  • Happy Holidays! Have a drink on us. 10%
  • Problem with Bank Account 8%
  • De-activation of [[email]] in Process 8%
  • Wire Department 8%
  • Revised Vacation & Sick Time Policy 7%
  • Last reminder: please respond immediately 6%
  • UPS Label Delivery 1ZBE312TNY00015011 6%

*Capitalization and spelling are as they were in the phishing test subject line.
**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.

When investigating ‘in-the-wild’ email subject lines, KnowBe4 found the most common throughout Q4 2018 included:

  • Apple: You recently requested a password reset for your Apple ID
  • Employee Satisfaction Survey
  • Sharepoint: You Have Received 2 New Fax Messages
  • Your Support Ticket is Closing
  • Docusign: You’ve received a Document for Signature
  • ZipRecruiter: ZipRecruiter Account Suspended
  • IT System Support
  • Amazon: Your Order Summary
  • Office 365: Suspicious Activity Report
  • Squarespace: Account billing failure

*Capitalization and spelling are as they were in the phishing test subject line.
**In-the-wild email subject lines represent actual emails users received and reported to their IT departments as suspicious. They are not simulated phishing test emails.

Businesses need to train their users to be their last line of defense. KnowBe4 has many free tools available at to test the users in their network.


About KnowBe4

KnowBe4, the provider of the world’s largest integrated security awareness training and simulated phishing platform, is used by more than 23,000 organizations worldwide. Founded by data and IT security expert Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new-school approach to security awareness training. Kevin Mitnick, internationally recognized computer security expert and KnowBe4’s Chief Hacking Officer, helped design KnowBe4’s training based on his well-documented social engineering tactics. Tens of thousands of organizations worldwide trust KnowBe4 to mobilize their employees as their last line of defense.

Number 96 on the 2018 Inc. 500 list, #34 on 2018 Deloitte’s Technology Fast 500 and #2 in Cybersecurity Ventures Cybersecurity 500. KnowBe4 is headquartered in Tampa Bay, Florida with European offices in England, the Netherlands, Germany and offices in South Africa and Singapore.








Get the latest about social engineering

Subscribe to CyberheistNews