These are the phishing email topics with the highest failure rates over the past year of phishing campaigns:
- Your package has arrived/your package is undeliverable
- Change your password
- You’re over your email quota
- You need to do a security update
- You've received a corporate electronic fax
The Corporate e-faxx phishing email had the single highest average failure rate (over 40%). Considering the fact that “faxx” is spelled incorrectly in the subject line, this is a pretty high failure rate and, in theory, an easy phishing email to recognize.
The highest failure rate of any single phishing simulated attack was an unbelievable 99% and was about an IT issue. Alternatively we have seen phishing campaigns that didn’t catch even one user, with topics such as online shopping, holiday cards, and updating social media passwords. This was clearly an educated user audience.
When you’re planning your security awareness and training program for next year, ensure you add some simulated phishing emails about everyday tasks so that you appropriately assess your users and motivate them to complete in-depth training.
Click here to get more information about our simulated phishing attacks tool and how this solution can help you assess vulnerability to attack, automatically increase training completion, and ultimately create secure behavior in your users.