Common Phishing Subject Lines

Phishing is still the number one tactic used by malicious actors to collect passwords and other information.  Phishing works because the attacker is able to create an email that is believable and looks realistic.  The best ones appear to come from a customer, supplier, coworker or other trusted source, and the content makes sense for your business or personal life.  The most successful way to prevent phishing from ruining your day is to learn how to spot common phishing approaches.

Security company KnowBe4 recently published an article and infographic illustrating the most popular email and social network subject lines that they have seen over the last quarter of 2018.  Here is their list, with a few suggestions of my own thrown in for good measure.

Phishing Email Subjects

  • You requested a reset to your Apple ID
  • Employee satisfaction survey
  • Sharepoint: new fax messages
  • Your support ticket is closing
  • ZipRecruiter account suspended
  • Docusign document needs your signature
  • IT system support
  • Office365 suspicious activity
  • Squarespace billing failure
  • Password check or change required
  • Amazon order or receipt
  • Change in holiday schedule
  • Have a coffee, pizza, sandwich on us
  • Problem with your bank account
  • Invoice, payment demand or wire-transfer request
  • Deactivation of or other problem with your email account
  • Revised vacation or sick time policy
  • Final notice – please respond immediately
  • UPS or FedEx delivery notice or problem

Social Network Phishing Subjects

  • LinkedIn – Profile views, new endorsements, join my network, add me emails were the most common, and LinkedIn was the most frequently spoofed social network.
  • Facebook – password change and primary email change
  • Pizza – free pizza offers
  • Login alert on Chrome
  • New voicemail message
  • You were tagged in a photo
  • Your password was reset
  • Secure your account now!
  • You have a new unread message

These are examples of current phishing subjects be send out by the bad guys.  Vigilance is the most important skill you can develop, and it is always better to check first and avoid regret later.  Call the sender to confirm, or forward suspicious messages to your help desk or computer support department.


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at


Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.