Keywords to Be Wary of in Phishing Scams

By Stoneridge Team | October 7, 2021

A recent report released by the cybersecurity company Expel analyzed keywords hackers use to try and trick people into falling for phishing scams.

Phishing email attacks are one of the main threat vectors every company and IT department should be aware of. These emails often include business terminology employees might find disarming if they aren't trained to spot suspicious emails. This leads to people opening attachments and links connected to credential-harvesting sites.

The report analyzed 10,000 phishing emails in July 2021 and found that 65 percent of them were Business Email Compromise (BEC) attempts in Microsoft 365 and 72 percent were phishing scams that included business-centric keywords such as:

  • Invoice
  • New
  • Required
  • <Blank Subject>
  • File
  • Request
  • Action
  • Document
  • Verification
  • eFax
  • VM

Hackers use these words, or a combination of them, to try and get targeted email users to let their guard down and click on links or attachments. It may appear as a "new request from a customer" or a "missing invoice requiring immediate action."

word cloud for keyword blog postWhat are the solutions? 

Stoneridge Software recommends educating your staff to spot suspicious email activity and report it to your IT department or providers so they can investigate and remediate. Having staff members who are hyper-aware of this threat vector is the best defense in preventing attacks. Suppose an email comes in and contains the keywords listed above or references any kind of customer file or document. In that case, it's typically good practice to read through the entire email thoroughly and think about these two main questions:

  1. Is this communication (document, invoice, verification request, link, etc.) something you normally receive via email? If not, there is a reason to flag it as suspicious.
  2. Can you 100 percent confirm the sender's email is one you recognize? If not, cross reference it with your company's client/contact list to make sure the mail is legitimate. If it's not on the list, it could be a scam.

Other measures your company can use to protect your network and the data stored on it are ensuring you have a sound backup strategy that is consistently monitored and tested and enabling multi-factor authentication. (MFA)

A backup strategy will keep copies of your data on-site, off-site, and on-cloud that your IT staff can use to restore if hackers harvest your data and hold it for ransom. MFA gives your security multiple layers of protection that can stop an attacker from accessing your system even if they are able to harvest email credentials.

When in doubt, run a suspicious email by your IT department or provider. Even if something seems off a little bit, being safe is better than being sorry.


Stoneridge Software will provide you with solutions to protect your network and data. If you have any questions contact us.

Under the terms of this license, you are authorized to share and redistribute the content across various mediums, subject to adherence to the specified conditions: you must provide proper attribution to Stoneridge as the original creator in a manner that does not imply their endorsement of your use, the material is to be utilized solely for non-commercial purposes, and alterations, modifications, or derivative works based on the original material are strictly prohibited.

Responsibility rests with the licensee to ensure that their use of the material does not violate any other rights.

Start the Conversation

It’s our mission to help clients win. We’d love to talk to you about the right business solutions to help you achieve your goals.

Subscribe To Our Blog

Sign up to get periodic updates on the latest posts.

Thank you for subscribing!