Most ransomware and other viruses are spread via email. We all get so much email that sometimes it can be hard to tell legitimate emails from the poisonous one. And that’s exactly what the cybercriminals count on.

One of the best ways to mask a fraudulent email is by using realistic, perhaps even enticing, email subject lines. A subject line that gets our attention can get us one step closer to opening and activating the virus. And what are some of the things that get our attention? Not surprisingly, at the top of the list is……….money!

Subjects lines that mention “payment,” for example, have been the most-opened emails for many years. During tax season, however, W2 and other tax season-themed subject lines can temporarily take the top spot, before noticeably dropping off.

Cybercriminals can also leverage our fears. Many subject lines include elements of urgency—which can sometimes get us to act without second-guessing the instructions. Aside from actually using the word “urgent”, they may mention a company healthcare policy, or your company’s CEO. Nobody wants to get into trouble or miss a relevant piece of information that sound like it relates to your job. Even if we suspect the email may be a hoax, we still might open it just to be sure. Subject lines that fall into the “urgent” category have been increasing.

Moving in the other direction, cybercriminals can also trick us by using innocuous, perhaps even boring, subject lines to avoid being detected by anti-fraud tools. Would you think twice about an email that was simply titled “coupon” or “hello”?

Simply put, cybercriminals will try everything they can to get us to open a fraudulent email. Once it gets past filtering software, which happens with increasing frequency, it’s up to us to police ourselves. Think twice before you click on any links in an email or download an attachment.

Here are some of the more popular subject lines for virulent emails in 2017:

For more information on how to protect yourself from ransomware, please contact us.