From Human Resources to Human Risk: Why HR is the Perfect Department for Cybercriminals to Impersonate
KnowBe4, Wednesday, August 20th, 2025
We all trust HR - or at least we do when we think they're emailing us! Data from KnowBe4's HRM+ platform reveals that phishing simulations with internal subject lines dominate the list of most-clicked templates in 2025.
Out of the top 10 templates people interacted with between May 1 - June 30, 2025, an incredible 98.4% had subject lines relating to internal topics - with HR mentioned in 45.2%. (It was a similar story between January 1 - April 30 this year too.) Our data shows that people are most likely to interact with simulations that have subject lines about pay (such as updating tax forms), changes to the dress code, time off and performance reviews.