Words That Can Steal Your Data


Phishing - assessing an organisation's system by malware planted in emails - is a very common way that companies can find their data integrity threatened. The hackers behind phishing attacks are well aware their the recipients of their emails probably have to act on hundreds of emails a day, so need to choose a subject line that will make them click on any link within that email.


Cybersecurity company Barracuda Networks analysed more than 360,000 phishing emails over three months to discover the most common subject lines used by cybercriminals to trick recipients into opening the emails. They found that the top subject lines are based around the following key phrases:


  • Request
  • Follow up
  • Urgent/Important
  • Are you available?/Are you at your desk?
  • Payment Status
  • Hello
  • Purchase
  • Invoice Due
  • Re:
  • Direct Deposit
  • Expenses
  • Payroll


"Increasingly the social element is becoming the key "attack vector" in cybersecurity attacks. In the past, attackers sent ransomware emails, which actually took over the computer and encrypted the files, asking for a ransom," Asaf Cidon, VP for content security at Barracuda Networks commented.


"But today, they don't even need to send ransomware. They can simply use social manipulation to get the recipient to send a ransom – which is far cheaper, more effective and harder to detect."

The full report can be viewed here.

more news

BA, Marriott Face Massive Fines For Data Loss


If proof was needed that poor data protection is bad for the corporate wallet, two examples have demonstrated that substantial fines face those organisations that have lax data security.

read more

Cumbria First Police Force To Utilise NMC Tools


Cumbria Constabulary has become the first police force to use the National Management Centre (NMC) for cybersecurity set up under the National Police Chiefs’ Council (NPCC).

read more

Phishing Attacks Bypassing 2-Factor Authentication


Penetration testers and attackers have a new tool in their arsenal that can be used to automate phishing attacks in a way that defeats two-factor authentication (2FA) and is not easy to detect and block, reports CSO Magazine.

read more

Third of Breaches Caused By Unpatched Vulnerabilities


IT security professionals have admitted that a third of cybersecurity breaches are the result of vulnerabilities that they should have patched.

read more