KnowBe4 today released its Q2 2025 Simulated Phishing Roundup report. The roundup highlights a continued trend of employee susceptibility to social engineering techniques that exploit familiarity and trust, as seen in dominant interactions with internal communications and well-known brands, making up 98% of top email subject lines. All data for this roundup was taken from the KnowBe4 HRM+ platform between April 1, 2025, and June 30, 2025.
Key Findings from the Roundup Report:
- Consistency with Previous Quarter
- Phishing simulation trends remained largely consistent with Q1 2025 (January 1 – March 31, 2025).
- Internal Topics Dominate
- Internal-themed topics made up 98.4% of the top 10 most-clicked email templates.
- Among these, HR was cited in 42.5% of phishing failures and IT in 21.5%.
- Branded Landing Pages
- 71.9% of malicious landing page interactions involved branded content.
- Microsoft was the most common, accounting for 26.7%, followed by LinkedIn, X, Okta, and Amazon.
- Top Clicked Hyperlinks
- 80.6% of the top 20 clicked links came from internally-themed simulations.
- 68.2% of these used domain spoofing techniques.
- Attachment Interactions
- PDF attachment clicks rose by 8.1% compared to Q1.
- PDFs comprised 61.1% of the top 20 attachments, followed by HTML files (20.9%) and Word documents (18.0%).
Download a copy of the Q2 2025 KnowBe4 Simulated Phishing Roundup report, here.
Related
This entry was posted on July 17, 2025 at 12:27 pm and is filed under Commentary with tags KnowBe4. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
KnowBe4 Research Reveals That Fake Internal Emails Dominate Phishing Simulation Clicks
KnowBe4 today released its Q2 2025 Simulated Phishing Roundup report. The roundup highlights a continued trend of employee susceptibility to social engineering techniques that exploit familiarity and trust, as seen in dominant interactions with internal communications and well-known brands, making up 98% of top email subject lines. All data for this roundup was taken from the KnowBe4 HRM+ platform between April 1, 2025, and June 30, 2025.
Key Findings from the Roundup Report:
Download a copy of the Q2 2025 KnowBe4 Simulated Phishing Roundup report, here.
Share this:
Like this:
Related
This entry was posted on July 17, 2025 at 12:27 pm and is filed under Commentary with tags KnowBe4. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.