The five most dangerous email subjects to watch for

Phishing campaigns are constantly evolving and it can be too easy to fall for them -- so what types of email should you stay vigilant against?
Written by Charlie Osborne, Contributing Writer

New research has revealed the email subjects most likely to represent a phishing lure, as well as the ten countries that are most likely to host campaigns for cybercriminals.

According to researchers at Websense, as cloud infrastructure becomes more easily scalable and botnets can be hired relatively cheaply -- their availability obvious should you choose to skim over a number of hacking forums -- the cost of conducting extensive phishing campaigns has also declined.

If a cybercriminal chooses to go phishing, this usually results in communication over social media or email which lures potential victims to click on links that download malicious code to a computer system. The emails may impersonate reputable firms such as banks, electronic fund transfer services or retail stores -- and often come complete with replica websites, logos and authentic-looking email addresses. Once clicked upon, the cybercriminal attempts to make consumers input valuable information, such as bank account details or account passwords. However, malicious software could also act as a trojan, keylogger or ransomeware. 

A recent example is a U.K.-based phishing campaign posing as the HMRC tax office. The phishing emails say that the user is entitled to a tax refund and sends you along to a form which asks for information including name, address, bank details and card verification number.

Websense says that while the percentage of phishing attempts within all email traffic dropped to 0.5 percent in 2013 -- down from 1.12 percent in 2012 -- this is not necessarily good news. We may be receiving less of them, but campaigns are now far more sophisticated and targeted as criminals use additional resources in making campaigns more successful.

According to the researchers:

"Today's phishing campaigns are lower in volume but much more targeted. Cybercriminals aren't simply throwing millions of emails over the fence. They are instead targeting their attack strategies with sophisticated techniques and integrating social engineering tactics. Scammers use social networks to conduct their recon and research their prey. Once the intelligence is harvested, they use that information to carefully construct email lures and yield maximum success."

In addition to social engineering, location also plays a part. By rank, the top ten countries hosting phishing URLs are as follows:

1. China
2. United States
3. Germany
4. United Kingdom
5. Canada
6. Russia
7. France
8. Hong Kong
9. Netherlands
10. Brazil

Websense says that interestingly, this is the first year China has made the list -- and what a debut it must have been to shoot to the top of the list, knocking the U.S. off its customary perch as the top malicious URL host. In addition, the U.K. has moved up from the sixth spot in 2012, and Russia is hosting more phishing URLs than ever before, being bumped up from the 10th spot last year.

But what subject lines are most likely to dupe an individual or business in to falling for a phishing campaign? Based on the researchers' findings, the top five which are most likely to be clicked upon are:

1. Invitation to connect on LinkedIn
2. Mail delivery failed: returning message to sender
3. Dear Customer
4. Comunicazione importante
5. Undelivered Mail Returned to Sender

To combat phishing attacks, installing a strong security solution can alert you before malicious files are downloaded to a system or if you visit a website that is not legitimate. However, common sense is also key -- for example, if you are not a member of a particular bank or haven't recently conducted a transaction online, be extra careful before you open any emails. If in doubt, call the company in question. Below is also the Websense Security Labs infographic on this research:

Credit: WebSense


Editorial standards