The most successful phishing subject lines revealed July 25, 2018 https://betanews.com/2018/07/25/successful-phishing-lines/
47% of them are typical subject lines from LinkedIn. That's 3 times more than the next most popular subject line (facebook stuff). It seems that you should just take the trouble to navigate to LinkedIn in your browser, rather than clicking on the email link. Probably easier to do that than to carefully analyse the email message and the link, no?
Phished credentials caused twice as many breaches than malware in the past year https://www.helpnetsecurity.com/2018/09/13/phished-credentials/
Credential-Phishing Attempts Highest on Tuesdays https://www.infosecurity-magazine.com/news/credentials-phishing-attempts/
Most Malware Arrives Via Email Watch out for messages with the word "invoice" in the subject line, too October 11, 2018 https://www.darkreading.com/attacks-breaches/most-malware-arrives-via-email/d/d-id/1333023
Password Check Required Immediately -- and more of 2018's most successful phishing subject lines October 23, 2018 https://betanews.com/2018/10/23/top-phishing-subject-lines-2/
The most-clicked phishing lines of 2018 January 22, 2019 https://betanews.com/2019/01/22/most-clicked-phishing-2018/
These are the 12 most common phishing email subject lines cyber criminals use to fool you March 19, 2019 https://www.zdnet.com/article/these...ubject-lines-cyber-criminals-use-to-fool-you/
tl;dr Request Follow up Urgent/Important Are you available?/Are you at your desk? Payment Status Hello Purchase Invoice Due Re: Direct Deposit Expenses Payroll But really, if your email client is locked down well enough -- text only, no images, no HTML, no code execution -- you can actually look at messages. You can check out the headers. You can check out links safely. But yeah, I get that most users are too clueless for that. Sad. Eternal September. So it goes.
These subject lines are the most clicked for phishing January 16, 2020 https://www.techrepublic.com/article/these-subject-lines-are-the-most-clicked-for-phishing/