Every phishing marketing campaign that Cofense Intelligence analyzes is given a title which features a theme. This theme is necessary as a result of it characterizes the marketing campaign and supplies perception into the menace actor’s intentions. Realizing {that a} phishing e mail focusing on the hospitality trade is themed after Journey Help reasonably than a generic Finance theme is critical because it permits a extra targeted response. It additionally assists corporations in higher deciding on related phishing simulations to make use of on their staff. We’re going to cowl a number of the extra widespread themes, what they’re composed of, and what developments we will observe with them.
Most important Takeaways
- Themes are primarily based off of the e-mail content material together with the topic, e mail physique, attachments, and many others.
- Highest variation of themes was in Q3 and This fall of 2023.
- Advantages themed emails had been most typical in Q1 and This fall of 2023.
- Fax and Doc themed emails had been most typical in Q1 of 2023.
- Authorized themed emails had been most typical in Q3 and This fall of 2023.
- Tax and Notification themed emails had been most typical in Q3 of 2023.
- Closing (as in closing on a property) themed emails had been most typical in Q1 and Q3 of 2023.
- Of the Main themes, Finance made up 54%, Notification made up 35%, Transport made up 7%, and Response made up 3%.
- Of the Average themes, Doc made up 38%, Voicemail made up 25%, Journey Help made up 24%, Fax made up 8%, and Authorized made up 6%.
- Of the Minor themes, Advantages made up 37%, Taxes made up 32%, Job Software made up 21%, and Closing made up 10%.
What Phishing E-mail Themes Imply
The themes noticed on this report are particularly the general theme of the e-mail, not simply the topic or the credentials focused. This contains the model spoofed, the attachment names, rendered attachments within the case of paperwork or HTM(L) information, and the e-mail physique content material. That stated, a giant a part of the theme of an e mail is tied to its topic as that’s, in any case, the primary a part of an e mail {that a} sufferer sees, so it’s typically designed to attract of their consideration.
Themes Over Time
Observing developments within the phishing e mail themes of campaigns throughout 2023 helps give us perception into what menace actors suppose is almost definitely to get interplay from victims at that cut-off date. We are going to have a look at a number of adjustments in theme quantity primarily based on time of 12 months, for instance Advantages themed emails spiking throughout related time durations. General, we noticed highest quantity of persistently themed campaigns in Q3, the bottom quantity in Q2 and the very best variation in themes in Q3 and This fall.
Main Themes:
The “Main” phishing e mail themes listed below are the themes with the very best quantity which can be additionally sometimes probably the most related as staff usually tend to see them. The themes on this class are Finance, Notification, Transport, and Response.
Finance-themed emails sometimes have topics referring to invoices, funds, pay slips, statements, orders, remittances, or receipts. Finance themes had been comparatively constant for 2023, seeing an total slight lower from Q1 to This fall with no main declines or will increase. That is doubtless attributable to Finance being the most typical theme total and seeing the identical decline in quantity that almost all campaigns noticed in the direction of the tip of the 12 months.
Notification-themed emails sometimes have topics referring to password expiration, reminders, messages, required actions, current actions, or appointments. Notification themes slowly elevated till Q3 after which dropped off in This fall. That is a part of an total pattern in phishing as This fall noticed an total lower in campaigns.
Transport-themed emails sometimes have topics referring to shipments, port info, arrival notices, cargo, or something to do with DHL, FedEx, UPS, and USPS. Transport themes had been highest in Q1, particularly in February, and continued to say no till This fall. In line with our Strategic Evaluation “Transport-Themed Emails: Not Only for The Holidays” that coated information from 2021-2023, the amount of delivery themed emails sometimes will increase solely barely in This fall which we noticed solely in the direction of the tip of This fall in 2023.
Response-themed emails sometimes have topics referring to any kind of response or typically forwarded messages in addition to hijacked and spoofed e mail threads. Whereas many menace actors spoof reply chain threads, probably the most superior menace actors hijack pre-existing e mail threads. Response themes peaked in Q2, particularly in Could which was 25% larger than each different month. This is smart as Could noticed a surge in QakBot campaigns using response themes and even injecting into pre-existing reply chains.
Determine 1: Main marketing campaign themes in 2023.
Average Themes:
The “Average” phishing e mail themes listed below are the themes that aren’t mostly seen however are nonetheless seen with regularity and are sometimes utilized in extra focused or advanced campaigns. The themes on this class are Doc, Voicemail, Journey Help, Fax, and Authorized.
Doc-themed emails sometimes have topics referring to authorized paperwork, doc signatures, accomplished paperwork, shared paperwork, or they spoof DocuShared and DocuSign. Doc themed emails had been the one reasonable theme that didn’t decline in Q2.
Voicemail-themed emails sometimes have topics referring to voicemail, voice messages, name audio, voice calls, caller particulars, caller notes, missed calls, recordings, or name transcripts. Voicemail themes peaked initially of Q1 and the tip of Q3 earlier than leveling out in This fall.
Journey Help-themed emails sometimes have topics referring to responses to reconnaissance emails about reserving, reservations, assist with journey, reserving, medical lodging, room necessities. Journey Help themed emails focusing on hospitality from Q3 to This fall however died off in the direction of the tip of This fall. Particularly in December there was a 66% drop in Journey Help themed ATR quantity.
Fax-themed emails sometimes have topics referring to fax messages, faxed paperwork, confidential faxes, or they’re spoofing eFax or MyFax. Fax themes peaked in Q3, hit all-time low in Q2, and slowly elevated for the remainder of the 12 months.
Authorized-themed emails have a number of the widest spreads of associated topics and sometimes have topics referring to arrests, guardianship challenges, summons, court docket circumstances, sanctions, automobile fines, accusations, prison fits, or lawsuits. Authorized themes elevated throughout 2023 from Q1 to This fall. The overwhelming majority of those had been in Spanish. Q1 to Q3 had been principally Remcos however This fall noticed a diversification into XWorm RAT, njRAT, and Async RAT.
Determine 2: Average marketing campaign themes in 2023.
Minor Themes:
The “Minor” phishing e mail themes listed below are the least typically seen however almost definitely to be associated to a sure time of 12 months. The themes on this class are Closing (sometimes on a home), Advantages, Taxes, and Job Software.
Closing-themed emails (sometimes on a home) sometimes have topics referring to closing paperwork, closing packages, payoff statements, closing funds, or closing disclosures. Closing themes decreased over time and didn’t present up in any respect in Q2 which is shocking as Q2-Q3 is usually the largest time for actual property gross sales.
Advantages-themed emails sometimes have topics referring to insurance coverage protection, wage changes, payroll coverage, advantages packages, yearly advantages, wage amendments, enrollment, medical protection, worker advantages, medical health insurance, open enrollment, W2s, or trip approval. Advantages themes had been highest in Q1 and This fall which is smart as it’s round this time that almost all corporations do advantages.
Taxes-themed emails sometimes have topics referring to taxes invoices, VAT, tax receipts, tax clearances, tax critiques, gross sales tax, tax credit, e-filling, or the IRS. Tax themed emails peaked in Q3 and This fall, doubtless utilizing the overdue date of taxes to make individuals panic (Taxes for United States primarily based corporations are sometimes due in April initially of Q2).
Job-Software-themed emails sometimes have topics referring to resumes, CVs (curriculum vitaes), job provides, purposes, job vacancies, job searches, or a place title like “monetary advisor”. Job software themes had been constant for Q1 and Q2 however declined for the second half of the 12 months.
Determine 3: Minor marketing campaign themes in 2023.
Samsung Galaxy M14 5G (Berry Blue,6GB,128GB)|50MP Triple Cam|Segment's Only 6000 mAh 5G SP|5nm Processor|2 Gen. OS Upgrade & 4 Year Security Update|12GB RAM with RAM Plus|Android 13|Without Charger
₹11,499.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Samsung Original 25W Single Port, Type-C Fast Charger, (Cable not Included), White
₹1,299.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
realme Buds T300 Truly Wireless in-Ear Earbuds with 30dB ANC, 360° Spatial Audio Effect, 12.4mm Dynamic Bass Boost Driver with Dolby Atmos Support, Upto 40Hrs Battery and Fast Charging (Stylish Black)
₹2,299.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
POCO C51 (Power Black, 6GB RAM, 128GB Storage)
₹5,999.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
realme narzo N53 (Feather Gold, 4GB+64GB) 33W Segment Fastest Charging | Slim Smartphone | 90 Hz Smooth Display
₹7,999.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Portronics Toad 23 Wireless Optical Mouse with 2.4GHz, USB Nano Dongle, Optical Orientation, Click Wheel, Adjustable DPI(Black)
₹299.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Canon PIXMA PG47 Black Ink Cartridge
₹649.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Seagate Expansion 1TB External HDD - USB 3.0 for Windows and Mac with 3 yr Data Recovery Services, Portable Hard Drive (STKM1000400)
₹4,998.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Callas Multipurpose Foldable Laptop Table with Cup Holder | Drawer | Mac Holder | Study Table, Breakfast Table, Foldable and Portable/Ergonomic & Rounded Edges/Non-Slip Legs (WA-27-Black) | Metal
₹498.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Duracell USB Type C, 3A Braided Sync & Fast Charging Cable, 3.9 Ft (1.2M),QC 2.0/3.0 Ultra Fast Charging,Compatible with Samsung,One Plus & all C type devices,Seamless Data Transmission,Series 3-Black
₹379.00 (as of January 31, 2024 00:36 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
SanDisk 2TB Extreme Portable SSD - Up to 1050MB/s, USB-C, USB 3.2 Gen 2, IP65 Water and Dust Resistance, Updated Firmware - External Solid State Drive - SDSSDE61-2T00-G25
$139.95 (as of January 28, 2024 21:00 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Seagate Storage Expansion Card For Xbox Series XS 1TB Solid State Drive - NVMe Expansion SSD, Quick Resume, Plug & Play, Licensed(STJR1000400)
$149.00 (as of January 28, 2024 21:00 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
AMD Ryzen 5 5600X 6-core, 12-Thread Unlocked Desktop Processor with Wraith Stealth Cooler
$152.99 (as of January 28, 2024 21:00 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
ELEGOO 120pcs Multicolored Dupont Wire 40pin Male to Female, 40pin Male to Male, 40pin Female to Female Breadboard Jumper Ribbon Cables Kit Compatible with Arduino Projects
$6.98 (as of January 28, 2024 21:00 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)