Expecting the Unexpected: Phishing - Machado Consulting's News You Can Use | Worcester, Massachusetts | Machado Consulting


Helder Machado

President/CEO of Machado Consulting

Expecting the Unexpected: Phishing

Phishing attacks attempt to coerce information from users. They are especially sinister because they use personalized messages to target specific users or businesses. Unlike spam emails, which are typically generic in nature, phishing attacks can yield major results because messages are so convincing.


Phishing is BIG business! With a review of the year’s most clicked subject lines, we looked for trends that could easily be identified. The five subject line categories that appeared quarter-over-quarter related to: deliveries, passwordscompany policies, vacation, and IT Department (in the wild) emails.



Some of the most common 'In the Wild' attacks in this period were:

  • Apple: You recently requested a password reset for your Apple ID
  • Sharepoint: You Have Received 2 New Fax Messages 
  • Docusign: You've received a Document for Signature
  • ZipRecruiter: ZipRecruiter Account Suspended
  • IT System Support
  • Amazon: Your Order Summary
  • Office 365: Suspicious Activity Report

Here’s a look at the Top 10 Most-Clicked General Email Subjects in Q4 2018: 

  • Password Check Required Immediately/Change of Password Required Immediately 19%
  • Your Order with Amazon.com/Your Amazon Order Receipt 16%
  • Announcement: Change in Holiday Schedule 11%
  • Happy Holidays! Have a drink on us. 10%
  • Problem with the Bank Account 8%
  • De-activation of [[email]] in Process 8%
  • Wire Department 8%
  • Revised Vacation & Sick Time Policy 7%
  • Last reminder: please respond immediately 6%
  • UPS Label Delivery 1ZBE312TNY00015011 6%  

Be sure to protect yourself by double checking the sender’s name, full email address and URLs. You should suspect malicious intent if the sender is asking for any personal information or money, also, if there are spelling mistakes or a strong sense of urgency to respond, you are likely the almost-victim of a phishing scam. Don’t give them any information and make sure you mark the email as spam. If you have any questions or suspicions about an email you receive, feel free to contact us. 

 For a full infographic on these most common phishing attempts, click here.

Learn to Use Email Safely
Why Multitasking Doesn’t Work (and What to Do Inst...