KnowBe4 Releases Their Q1 2025 Phishing Report
KnowBe4 today released its Q1 2025 Phishing Report. This quarter’s findings reveal the most deceptive email subjects users click in phishing simulations, indicating HR and IT-related emails account for over 60% of top-clicked phishing emails. All data for this report was taken from the KnowBe4 HRM+ platform between January 1, 2025, and March 31, 2025.
KnowBe4’s Q1 2025 Phishing Report reveals that emails impersonating internal communications, such as from HR or IT, received the most failures. An overwhelming 60.7% of the clicked simulations mentioned an internal team, and 49.7% mentioned HR specifically. Despite evolving techniques by bad actors, phishing emails remain among the most prevalent tools for executing cyberattacks. Cybercriminals craft deceptively authentic phishing emails that align with current trends and play on human emotions to create urgency and trick recipients into clicking malicious links or opening harmful attachments. Top reported subjects included “Zoom Clips” from managers, HR training reports, and mail server warnings.
The report highlights the ongoing threat posed by email-embedded phishing links, which continue to be a primary attack tactic. Analysis shows people were more likely to click on links that related to internal topics or impersonated known brands (61.6%), with 68.6% involving domain spoofing. Organizations are highly susceptible to branded landing pages from Microsoft, LinkedIn and Google, which ranked as the top three most effective phishing destinations for harvesting credentials.
The report also reveals people’s continued susceptibility to phishing emails leveraging QR codes. The top three QR codes people scanned in simulations related to: a new drug and alcohol policy from HR (14.7%), a DocuSign for review and signing (13.7%) and a Workday happy birthday message (12.7%). In attachment-based campaigns, people were most likely to open PDFs (53%), HTML files (28.5%) and Word files (18.5%).
To download a copy of the Q1 2025 KnowBe4 Phishing Report infographic, visit here.
This entry was posted on April 28, 2025 at 12:25 pm and is filed under Commentary with tags KnowBe4.