If you want to get someone to open a phishing email, it seems that LinkedIn as a subject is a great lure. So note a recent survey from Atlas VPN which went through thousands of email subject lines sent in the third quarter of 2020, and examined to see which had a more successful open rate than others.
Naming a social media site in the subject — such as a claiming a message was waiting in their account — were among the more popular ways t get someone to click on an email. But the most successful of all social media sites was LinkedIn, with an open rate more than three times that of other social media sites including Twitter, Facebook and also WhatsApp.
"Emails impersonating LinkedIn remain the most opened social media phishing emails for 3 years in a row," read the report. Numbers bear this out, with 47 percent of emails purporting to be from LinkedIn opened, compared to just 15 percent of those that stated that someone had sent a direct message to you from Twitter.
Besides using social media names in subject lines, phishing scams can also mention Covid-19 or work concernsGetty Images/iStock
Next on the list was Facebook, with a subject that a friend had tagged you in their photos getting a 12 percent open rate, and an alert to a WhatsApp message getting just 5 percent of receivers to open these.
Adding LinkedIn in almost any guise worked to get people to click, whether the subject alerted someone that their LinkedIn profile was getting viewed, or that they had appeared in new searches, or even an invitation to join someone's network.
Covid-19 and other lures
Malware threats have increased exponentially since the pandemic began, and phishing emails touting details about Covid-19 also got attention. Some of the most likely to get opened included subjects that alluded to work policy or safety updates. Emails that had a subject line, "Please review the leave law requirement" were opened by 12 percent of those who received it, for example.
Over the past several months phishing emails and even text messages have promised details about payments, rebates and even tried to lure people to download programs by pretending they were coronavirus trackers.
Classic lures, such as warning someone they needed to check their password, got a 9 percent open rate, and those falsely claiming that a server was scheduled to be maintained, got a 7 percent open rate.
Emails should always be opened with caution — and certainly users should avoid clicking links embedded in emails. Instead, typing in the URL associated with the sender or business, and then logging into an account through that method, is often a safer bet.