News

|

Feeds

|

Email

KnowBe4's Q2 2025 Phishing Simulation Roundup report underscores employees' continued vulnerability to malicious emails that appear familiar, whether from HR, IT, or major brands

TAMPA BAY, Fla., July 17, 2025 /PRNewswire/ -- KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today released its Q2 2025 Simulated Phishing Roundup report. The roundup highlights a continued trend of employee susceptibility to social engineering techniques that exploit familiarity and trust, as seen in dominant interactions with internal communications and well-known brands, making up 98% of top email subject lines. All data for this roundup was taken from the KnowBe4 HRM+ platform between April 1, 2025, and June 30, 2025.

Key Findings from the Roundup Report:

    --  Consistency with Previous Quarter
        --  Phishing simulation trends remained largely consistent with Q1 2025
            (January 1 - March 31, 2025).
    --  Internal Topics Dominate
        --  Internal-themed topics made up 98.4% of the top 10 most-clicked
            email templates.
        --  Among these, HR was cited in 42.5% of phishing failures and IT in
            21.5%.
    --  Branded Landing Pages
        --  71.9% of malicious landing page interactions involved branded
            content.
        --  Microsoft was the most common, accounting for 26.7%, followed by
            LinkedIn, X, Okta, and Amazon.
    --  Top Clicked Hyperlinks
        --  80.6% of the top 20 clicked links came from internally-themed
            simulations.
        --  68.2% of these used domain spoofing techniques.
    --  Attachment Interactions
        --  PDF attachment clicks rose by 8.1% compared to Q1.
        --  PDFs comprised 61.1% of the top 20 attachments, followed by HTML
            files (20.9%) and Word documents (18.0%).

"One of the key takeaways from the Q2 Simulated Phishing Roundup is the critical role trust plays in cybersecurity," said Erich Kron, cybersecurity advocate, KnowBe4. "Whether that is trust in internal communications, familiar brands, or even known individuals, phishing emails that appear to originate from reputable sources will always have a higher chance of lowering a recipient's suspicions. We see this time and time again in real-word scenarios, where attackers use sophisticated social engineering tactics to take advantage of this fundamental human instinct, making it harder for employees to distinguish legitimate and malicious emails."

Kron continued, "The Q2 findings reinforce the need for organizations to strengthen their human defenses through a layered approach centred on human risk management. This includes employee empowerment through a combination of relevant, timely and adaptive security training and intelligent detection technology that can identify and mitigate threats in real time."

Download a copy of the Q2 2025 KnowBe4 Simulated Phishing Roundup report, here.

About KnowBe4
KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organizations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven 'best-of-suite' platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilizes personalized and relevant cybersecurity protection content, tools and techniques to mobilize workforces to transform from the largest attack surface to an organization's biggest asset. More at knowbe4.com.

Follow KnowBe4 on LinkedIn and X.

Media Contact:
Amanda Tarantino
Sr. Manager of Public Relations
amandat@knowbe4.com
727-748-4221

View original content to download multimedia:https://www.prnewswire.com/news-releases/knowbe4-research-reveals-that-fake-internal-emails-dominate-phishing-simulation-clicks-302507391.html

SOURCE KnowBe4 Inc.

Email

|

Slashdot

|

Digg

|

Del.icio.us

|

Feeds

RELATED NEWS ARTICLES

Weekly Recap: 11 Tech Press Releases You Need to See | Jan 22, 2026 Sup AI Sets New Benchmark Record with 52.15% on Humanity's Last Exam | Jan 22, 2026 Trigent Partners with WeWork India to Expand its GCC Footprint | Jan 22, 2026 DEADLINE ANNOUNCED FOR 2026 NEW TOP-LEVEL DOMAIN APPLICATIONS | Jan 22, 2026 Skunk Works® and XTEND Expand Joint All Domain Command and Control for Advanced Mission Execution | Jan 22, 2026 Glasswall Brings Defense-Level File Sanitization to Every Government Agency and Business Using Microsoft 365 | Jan 22, 2026 Exia Labs Brings Keystone to the U.S. Navy via DIU's Blue Object Management Challenge | Jan 22, 2026 Veteran Ventures Capital Announces Investment in Vatn Systems, Supporting a New Era of Scalable Undersea Autonomy | Jan 22, 2026 Buyers Edge Platform Appoints Jaime Selga to Lead Expansion Across the Middle East, Africa & Asia | Jan 22, 2026 Everflow Drives $4.3 Billion in High-Value Partner Revenue, Delivering Essential Solutions for Modern Affiliate Programs | Jan 22, 2026