Most Clicked Phishing Emails in Q2, 2018

Security training and phishing email simulation platform provider KnowBe4 has released a report on the most clicked phishing emails in Q2, 2018.

If businesses provide security awareness training to their employees and train them how to recognize phishing and other malicious emails, click rates fall dramatically. Since a single response to a phishing email can result in a costly data breach, security awareness training is essential.

Many security awareness training companies have developed phishing simulation tools to test the effectiveness of training programs. Use of these tools helps companies gauge how effective their training programs have been and failed phishing simulations can also be used as a training opportunity to help plug gaps in security knowledge of specific employees.

KnowBe4 is one such company that has developed a phishing email simulation platform. The Tampa Bay-based firm’s platform is used by many companies in the United States to train employees and test how good they are at identifying email threats.

The firm has now released a report that details the most clicked phishing emails in Q2, 2018 by users of its platform – These are the types of emails most likely to fool employees in real-world phishing attacks.

When employees receive security awareness training they are more alert to security issues, so it is no surprise that the top three clicked emails are security related. These emails use fear to get a response, which typically involves the disclosure of login credentials or the opening of a malicious email attachment that ultimately results in malware or ransomware being downloaded. The emails use urgency to get end users to take action without thinking.

Many of the emails used in the simulations mimic both real world phishing attacks and genuine emails likely to be received by employees, such as notifications about courier deliveries, software related issues, and updates to company policies. Email addresses are often spoofed to make it appear that the emails have been sent from a genuine company or from within an organization. For added realism.

In Q2, the most clicked phishing emails were:

  1. Password Check Required Immediately (15% of employees)
  2. Security Alert (12% of employees)
  3. Change of Password Required Immediately (11% of employees)
  4. A Delivery Attempt was made (10% of employees)
  5. Urgent press release to all employees (10% of employees)
  6. De-activation of [[email]] in Process (10% of employees)
  7. Revised Vacation & Sick Time Policy (9% of employees)
  8. UPS Label Delivery, 1ZBE312TNY00015011 (9% of employees)
  9. Staff Review 2017 (7% of employees)
  10. Company Policies-Updates to our Fraternization Policy (7% of employees)

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of