Coronavirus-Related Phishing Email Attacks Up 600%

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, revealed the results of its Q1 2020 top-clicked phishing report.

The results found that phishing email attacks related to COVID-19 were up 600% in Q1 2020. Across the entire first quarter, simulated phishing tests with an urgent message to check passwords immediately were the most popular at 45%, followed by a coronavirus-related message as the second most popular at 10%. Social media messages are another area of concern when it comes to phishing. Within the same report, KnowBe4’s top-clicked social media email subjects reveal that messages about new login alerts, password resets and “someone may have accessed your account” are coming onto the radar.

“The bad guys are opportunists and they will use every chance they get to take advantage of people’s heightened emotions during crisis situations such as this one by trying to entice them to click on a malicious link or download an attachment laced with malware,” said Stu Sjouwerman, CEO, KnowBe4. “It’s no surprise that we’re seeing an explosion of phishing attacks related to the coronavirus because people are actively seeking more information about it. End users should be especially careful with any email they receive related to COVID-19 and immediately report suspicious-looking emails to their IT department.”

In Q1 2020, KnowBe4 examined tens of thousands of email subject lines from simulated phishing tests. The organization also reviewed ‘in-the-wild’ email subject lines that show actual emails users received and reported to their IT departments as suspicious. The results are below.

Top 10 General Email Subjects

  • Password Check Required Immediately
  • CDC Health Alert Network: Coronavirus Outbreak Cases
  • PTO Policy Changes
  • Scheduled Server Maintenance – No Internet Access
  • Test of the [[company_name]] Emergency Notification System
  • Revised Vacation & Sick Time Policy
  • De-activation of [[email]] in Process
  • Please Read Important from Human Resources
  • Someone special sent you a Valentine’s Day ecard!
  • You have been added to a team in Microsoft Teams

*Capitalization and spelling are as they were in the phishing test subject line.
**Email subject lines are a combination of both simulated phishing templates created by KnowBe4 for clients, and custom tests designed by KnowBe4 customers.

When investigating ‘in-the-wild’ email subject lines, KnowBe4 found the most common throughout Q1 2020 included:

  • List of Rescheduled Meetings Due to COVID-19
  • SharePoint: Coronavirus (COVID-19) Tax Cut Document
  • Confidential Information on COVID-19
  • IT: Work from home – VPN connection
  • Comcast: Notification from Carl Vargas
  • Microsoft: Your meeting will begin soon
  • HR: New Employee Stock Purchase Plan
  • Vodafone: Caller Alert: Msg Received Today
  • Amazon Chime: Vonage invites you to join vonage_303136
  • Parking Authority: Parking Ticket: Pay Charge