-

KnowBe4 Phishing Test Results Reveal Trend Towards Business-Related Emails

KnowBe4 releases Q3 2022 global phishing report and finds that more business-related email subjects are utilized as a phishing strategy

TAMPA BAY, Fla.--(BUSINESS WIRE)--KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced the results of its Q3 2022 top-clicked phishing report. The results include the top email subjects clicked on in phishing tests and reflect the shift from personal to business-related email subjects including internal requests and updates from Human Resources, IT and managers.

Phishing emails regularly plague organizations around the globe. New research from cloud and email security specialist Avanan reveals that nearly 19% of phishing emails were bypassed by the anti-malware app, Microsoft Defender. This is a key indicator as to why technology and email filters cannot be relied on as a sole method of protection against malicious emails.

Business phishing emails have always been effective and continue to be successful because of their potential to affect a user’s workday and routine. This quarter’s phishing test results reveal that 40% of email subjects are HR related, creating a sense of urgency in users to act quickly, sometimes before thinking logically and taking the time to question the email’s legitimacy. This year’s phishing test also revealed the top vector for this quarter to be phishing links in the body of an email. These combined tactics can have destructive outcomes for organizations and lead to a multitude of cyberattacks such as ransomware and business email compromise.

Along with reflecting a shift towards the use of more business-related emails, this quarter’s phishing test reveals a shift away from the use of personal-related emails such as those from social media. In fact, Q3’s phishing report is the first of this year that does not attribute social networking or social media sites as a top email subject category.

“As phishing emails evolve and become more sophisticated, it is imperative that organizations prioritize security awareness training for all employees, now more than ever,” said Stu Sjouwerman, CEO, KnowBe4. “Phishing emails that disguise themselves as internal communications are especially concerning since they are sure to grab the attention of users and typically incite action. New-school security awareness training for employees helps combat phishing and malicious emails by educating users on what to look out for— it is the key to creating a healthy level of skepticism to better protect an organization and build a stronger security culture.”

To download a copy of the KnowBe4 Phishing Infographic, visit KnowBe4.

About KnowBe4

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 52,000 organizations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as their last line of defense.

Contacts

Amanda Tarantino
amandat@knowbe4.com

More News From KnowBe4

KnowBe4 Research Finds Global Phishing Susceptibility Drops 79% After One Year of Security Awareness Training

TAMPA BAY, Fla.--(BUSINESS WIRE)--KnowBe4, the global leader in digital workforce security, securing both AI agents and humans, today released its 2026 Phishing by Industry Benchmarking Report, revealing that organizations can reduce phishing susceptibility by 79% after one year of consistent security awareness training (SAT), despite a threat landscape increasingly powered by artificial intelligence. The report analyzed 42 million phishing simulations across 14.8 million users at 64,000 organi...

KnowBe4 Announces Workforce Security Summit to Address AI-Native Threats and Securing Digital Workforces

TAMPA BAY, Fla.--(BUSINESS WIRE)--KnowBe4, the global leader in digital workforce security, securing both AI agents and humans, today announced its upcoming Workforce Security Summit. The global virtual event is designed to help organizations modernize their security strategies for an era where the corporate workforce is no longer purely human, but comprised of both human employees and AI agents. As attackers rapidly weaponize deepfakes, voice cloning, and AI-powered phishing, traditional defen...

Over Half of British Employees Are Currently Using ‘Unapproved’ AI Tools at Work, KnowBe4 Research Finds

LEEDS, England--(BUSINESS WIRE)--KnowBe4, the global leader in digital workforce security, securing both AI agents and humans, has today revealed the UK-specific findings of its latest research report: From Agentic Risk to Human Wins. The research found that UK organisations are increasingly concerned about employees using unapproved software and AI tools, with 58% of decision makers citing it as their top human-related cyber risk. The concern is well founded: 55% of employees admit to using un...
Back to Newsroom