KnowBe4 Research Reveals Personalized Phishing Emails Using the Company Name Dominate.html

66% of simulated phishing emails utilized domain spoofing techniques.

PDFs comprised 56% of the top 20 attachments opened in simulated phishing emails.

90% of the most-clicked subject lines in simulated phishing emails reference internal topics.

45% of the top 10 most-clicked simulated phishing emails referenced HR between July 1, 2025, and September 30, 2025.

19% of the top 20 attachments opened in simulated phishing emails were HTML files.

25% of the top 20 attachments opened in simulated phishing emails were Word documents.

82% of the top 20 clicked links in simulated phishing emails came from internally themed simulations between July 1, 2025, and September 30, 2025.

70% of simulated landing page interactions involve branded content.

25% of branded content interactions in simulated phishing emails involved Microsoft between July 1, 2025, and September 30, 2025.