If an unfamiliar email shows up in your inbox with an empty subject line, there’s a likely chance that it’s from a scammer.
Malicious emails from cybercriminals usually target businesses or individuals by appearing to be from a legitimate institution, like a bank, government agency or delivery service. With phishing attacks, scammers will include a link in their email, in an effort to extract personal information.
According to the data presented by the Atlas VPN team, 67% of malicious emails have the ‘subject’ line empty.
The data looked at trends identified through investigations into alerts, email submissions or hunting leads. They surveyed incidents across numerous organizations that varied in size and industry.
When it comes to subjects lines, some of the more common phrasing used in phishing and scam emails are:
9% use ‘Fax Delivery Report’
6% use ‘Business Proposal Request’
4% use ‘Request’
4% use ‘Meeting’
3.5% use *‘You have (1) New Voice Message’**.
2% use ‘Re: Request’
2% use ‘Urgent request
2% use 'Order Confirmation’
How to detect a phishing email
Phishing emails often have easily distinguishable characteristics. Some of these include:
Grammatical errors - Many scammers are not from English-speaking countries, which means their writing might contain grammatical errors native speakers wouldn’t make. On the other hand, some hackers will intentionally use errors to filter out less observant people.
Public email address domain - Make note of the email address that sent the email. No legitimate business will send email from public email domains such as “gmail.com”.
Asking for sensitive information - A legitimate company will never ask for sensitive information over email. If there is a link or an attachment in the email that asks you to provide personal data like a credit card number or a password, it is likely a scam.