Intelligent Build.tech Issue 14 | Page 20

INF

GRAPHIC

New KnowBe4 phishing report reveals HR and IT related emails are the top choices for phishing scams

KnowBe4 ’ s Q1 2024 global phishing report finds that HR and IT related email subjects account for more than 42 % and 30 % of top phishing email subjects respectively .

K nowBe4 , a provider of the world ’ s largest security awareness training and simulated phishing platform , has announced the results of its Q1 2024 top-clicked phishing test report . The results include the most common email subjects clicked on in phishing tests , reflecting the persistent use of HR or IT related business email messages that captivate employees ’ interests .

Phishing emails continue to be one of the most common methods for executing cyberattacks on organisations worldwide . KnowBe4 ’ s 2023 Phishing by Industry Benchmarking Report reveals that nearly one-third of users are susceptible to clicking on malicious links or complying with fraudulent requests . As a result , cybercriminals take advantage of this vulnerability and leverage the innovative tools available to them , such as AI , to come up with increasingly sophisticated messages to outsmart users . These bad actors tailor phishing email strategies to appear more legitimate in their requests and trick employees by inciting an emotional response and urgency to click on a malicious link or download an infected attachment .
KnowBe4 ’ s report shows that cybercriminals are becoming increasingly tactical in exploiting employee trust by using HR related phishing emails due to their seemingly legitimate source .
HR-related phishing attacks take the top spot at 42 %, a trend that has persisted for the last three quarters , followed by ITrelated phishing emails at 30 %. Phishing emails from HR or IT departments that prompt dress code changes , tax and healthcare updates , training notifications and other similar actions are effective in deceiving employees as they can affect a user ’ s work , evoke an immediate response and can cause a person to react before thinking about the validity of the email .
The KnowBe4 phishing report this quarter also noted more personal phishing email attacks , such as tax , healthcare and ApplePay , that could affect users ’ sensitive information . These types of attacks are effective because they cause a person to react to a potentially alarming topic and engage to protect their private information before thinking logically about the credibility of the email .
20 www . intelligentbuild . tech