The Q3 2025 Phishing Simulation Roundup reveals people interacted most with emails that impersonated colleagues or referenced internal systems or topics
KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human and AI agent risk management, today released its Q3 2025 Phishing Roundup. The research reveals that simulated phishing emails personalized to appear from internal departments, particularly HR and IT, continue to drive the highest user interaction rates, highlighting a persistent trend of employee vulnerability to techniques exploiting familiarity. All of the data for this roundup was aggregated from the KnowBe4 HRM+ platform between July 1, 2025, and September 30, 2025. 
Key Findings from the Q3 Roundup:
Internal Topics Dominate
- Personalization increased click rate in simulated phishing emails - the two most-clicked subject lines contained the recipients’ company name.
- Internal topics made up 90% of most-clicked subject lines and HR was cited in 45% of the top 10 most-clicked emails.
Branded Landing Pages
- 70% of simulated landing page interactions involved branded content.
- Microsoft was the most common brand, accounting for 25%, followed by LinkedIn, X, Okta, and Amazon.
Top Clicked Hyperlinks
- 82% of the top 20 clicked links in simulated phishing emails came from internally themed simulations.
- 66% used domain spoofing techniques.
Attachment Interactions
- PDFs comprised 56% of the top 20 attachments opened in simulated phishing emails, followed by Word documents (25%) and HTML files (19%).
“When a message seems routine, such as something from HR or IT, users are less likely to question it,” said Erich Kron, CISO advisor at KnowBe4. “The fact that this trend continues quarter after quarter tells us that this is not just about tricking users, it is about understanding human behavior. That is exactly why KnowBe4's human and agentic AI risk management platform addresses both training and behavior change to build lasting security resilience.”
Download a copy of the Q3 2025 KnowBe4 Simulated Phishing Roundup here
About KnowBe4
KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organizations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven ‘best-of-suite’ platform for Human Risk Management, creating an adaptive defense layer that fortifies user behavior against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilizes personalized and relevant cybersecurity protection content, tools and techniques to mobilize workforces to transform from the largest attack surface to an organization’s biggest asset. More info at knowbe4.com.
