
Email phishing scams are in no way new, but with people living so much of their lives online during the ongoing COVID-19 pandemic, there are more opportunities for them to happen. In fact, 2020 saw a 25% increase in the number of phishing sites compared to 2019.

One of the ways people can decrease their chances of being scammed is by paying close attention to the emails they receive (or at least the ones they’re considering opening). To help pinpoint what to look for, Expel analyzed 10,000 malicious emails and released a report on the most common keywords found in the subject lines of phishing emails. Here’s what to know.

Understanding scammers’ tactics

Expel’s report found that scammers use a combination of three strategies to get people to interact with their emails:

  1. Imitating legitimate business activities
  2. Creating a sense of urgency
  3. Prompting the recipient to act

“Attackers are trying to trick people into giving them their credentials. The best way to do this is to make the email look legitimate, prompt one clear action and lace it with emotion—urgency or fear of loss are the most common,” Ben Brigida, the director of SOC Operations at Expel, told TechRepublic. “The actions are as simple as ‘go to this site’ or ‘open this file,’ but the attacker wants you to be moving too fast to stop and question if it’s legitimate.”

Most common keywords used in subject lines of phishing emails

The full report provides additional details and examples of how and why these keywords are used in phishing email subject lines. For now, here’s a quick rundown of some that should be approached with extra caution:


Examples of real subject lines:

  2. Missing Inv ####; From [Legitimate Business Name]
  3. INV####


Examples of real subject lines:

  1. New Message from ####
  2. New Scanned Fax Doc-Delivery for ####
  3. New FaxTransmission from ####


Examples of real subject lines:

  1. Message From ####
  2. You have a New Message
  3. Telephone Message for ####


Examples of real subject lines:

  1. Verification Required!
  2. Action Required: Expiration Notice on [business email address]
  3. [Action Required] Password Expire
  4. Attention Required. Support ID: ####

[Blank subject]

According to the report, “blank subject lines generally evade automated security measures—security tech can’t scan for phishing or spam keywords if there aren’t any.”
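The report's point about blank subjects can be seen in a short Python sketch, added here as an illustration and not taken from Expel's report. It compares a keyword-only check with a triage step that treats a missing, empty or whitespace-only subject as a signal of its own. The pattern names, the regular expressions (drawn from the sample subject lines in this article) and the sample messages are all assumptions constructed for the example.

```python
import re
from email import message_from_string
from email.header import decode_header, make_header

# Illustrative patterns built from subject lines quoted in this article.
# They are an assumption for this example, not Expel's keyword list.
PATTERNS = {
    "action_required": re.compile(r"\b(action|verification|attention) required\b", re.I),
    "fax_or_voicemail": re.compile(r"\b(e?fax\w*|vm|vmail)\b", re.I),
    "new_message": re.compile(r"\bnew message\b", re.I),
    "file_share": re.compile(r"\b(shared|sent you some files)\b", re.I),
}

def keyword_only(raw_message):
    """Naive filter: match keywords against the raw Subject header, nothing else."""
    subject = message_from_string(raw_message).get("Subject", "")
    return [name for name, rx in PATTERNS.items() if rx.search(subject)]

def decoded_subject(raw_message):
    """Return the Subject with MIME encoded-words decoded and whitespace collapsed."""
    raw = message_from_string(raw_message).get("Subject") or ""
    try:
        text = str(make_header(decode_header(raw)))
    except (LookupError, UnicodeError):
        text = raw  # unknown charset or bad bytes: fall back to the raw value
    return re.sub(r"\s+", " ", text).strip()

def triage(raw_message):
    """Flag a blank subject explicitly instead of letting it pass with zero hits."""
    subject = decoded_subject(raw_message)
    if not subject:
        return ["blank_subject"]
    return [name for name, rx in PATTERNS.items() if rx.search(subject)]

# Constructed sample messages (not real mail).
SAMPLES = [
    "From: a@example.test\nSubject: [Action Required] Password Expire\n\nbody",
    "From: a@example.test\nSubject: New Scanned Fax Doc-Delivery for 1234\n\nbody",
    "From: a@example.test\nSubject:\n\nbody",                   # empty subject
    "From: a@example.test\n\nbody",                             # no Subject header
    "From: a@example.test\nSubject: =?UTF-8?B?IA==?=\n\nbody",  # decodes to one space
    "From: a@example.test\nSubject: Lunch on Friday?\n\nbody",
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(repr(decoded_subject(raw)), keyword_only(raw), triage(raw))
```

The three blank samples return no hits from `keyword_only`, the same result as the harmless "Lunch on Friday?" message, while `triage` labels them `blank_subject` so they can be reviewed or scored separately.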


Examples of real subject lines:

  1. You have a Google Drive File Shared
  2. [Name] sent you some files
  3. File- ####
  4. [Business Name] Sales Project Files and Request for Quote


Examples of real subject lines:

  2. [Business Name] – W-9 Form Request
  3. Your Service Request ####
  4. Request Notification: ####


Examples of real subject lines:

  1. Action Required: Expiration Notice on [business email address]
  2. Action Required: [Date]
  3. Action Required: Review Message sent on [Date]
  4. [Action Required] Password Expire


Examples of real subject lines:

  1. File Document ####
  2. [Name], You have received a new document in [Company system]
  3. [Name] shared a document with you


Example of a real subject line:

  1. Verification Required!


Examples of real subject lines:

  1. eFax from ID: ####
  2. eFax® message from “[phone number]” – 2 page(s), Caller-ID: +[phone number]


Examples of real subject lines:

  1. VM from [phone number] to Ext. ### on Tuesday, May 4, 2021
  2. VM From ****#### Received – for <[user name]> July 26, 2021
  3. ‘”””1 VMAIL RECEIVED on Monday, June 21, 2021 3:02:55 PM””
