These were the most common phishing emails of 2023 — make sure you don't get caught out as well

Email app on mobile device
(Image credit: Brett Jordan on Unsplash)

Phishing has long been a popular vector for cybercriminals in order to coax valuable information out of victims - and 2023 was no different.

A new report from email security firm Cofense has delved into the most common themes in email phishing attacks last year. The themes it assigned were based on the contents, such as the email body, subject line, attachments, and so on.

Cofense says that assigning accurate themes to phishing emails is important as it "enables a more focused response" and "assists companies in better selecting relevant phishing simulations to use."

Major, moderate, minor

The company split the scam emails into three main categories, based on the volume: major, moderate, and minor.

Of the major themes - the phishing emails with the highest volume - finance was the most popular, making up 54%. These emails related to topics such as invoices and payments. Notification phishing emails, which are those related to password expiration, reminders, appointments, required actions and the like, came second with 35%. 

Shipping phishing emails were third at 7%. Response mode scams were fourth at 3%.  These emails aim to elicit a response to queries; these queries could be fabricated by the threat actors, or sometimes they make use of legitimate emails as a result of hijacked email accounts. 

Interestingly, these phishing emails peaked in Q2 of 2023, with May being 25% higher than any other month. Cofense suggests that this could be due to the rise in QakBot campaigns that month, which made use response themes and hijacking email threads. 

When it came to moderate themes - those seen with regularity but often pertain to more specific and complex campaigns - document and voicemail scams proved popular, at 38% and 25% respectively. Travel assistance was close behind with 24%, and fax and legal email scams were far back at 8% and 6% respectively.

Minor themes are those that occurred the least often, and usually related to certain times of the year. Phishing emails with the theme of benefits (37%) and taxes (32%) made up the majority in this category, followed by job applications (21%) and closing on properties (10%).

It seems that phishing emails are getting more sophisticated, and are still a serious problem for business, as they can be one of leading causes of compromise. With the rise of AI tools, it will be even easier for cybercriminals to craft convincing scams. 

MORE FROM TECHRADAR PRO

Lewis Maddison
Staff Writer

Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers. 


His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.


He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.