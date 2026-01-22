    • Domain spoofing used in 90 percent of top phishing attacks

    infostealer

    Phishing emails containing company names see the highest click rates, while domain spoofing appears in nearly 90 percent of top-clicked attacks according to the latest Phishing Simulation Roundup from KnowBe4.

    The report shows that personalization significantly increases click rates, with the two most-clicked subject lines containing recipients’ company names. Internal topics dominated engagement, appearing in 100 percent of the top 10 most-clicked subject lines, while HR-related topics were referenced in 46 percent.

    Messages posing as IT notifications, training updates and routine HR communications consistently rank among the most effective phishing lures.

    Analysis of phishing delivery methods further reinforces these trends. Among the top 20 hyperlinks clicked, around 87 percent referenced internal topics, and 90 percent involved domain spoofing, highlighting how closely attackers imitate legitimate business infrastructure to establish trust and prompt quick action.

    "The fact that nearly 90 percent of top-clicked phishing attempts involved domain spoofing shows that attackers are successfully creating convincing illusions of legitimacy," said Erich Kron, CISO advisor at KnowBe4. "When employees see their company name, their manager's name, or familiar internal systems referenced in an email, their natural inclination is to trust and act quickly. Organizations must recognize that technology alone isn’t enough -- building a security-conscious culture where employees feel empowered to pause and verify is our strongest defense against these increasingly deceptive attacks."

    The report also analyzed real-world phishing threats reported using the KnowBe4 Phish Alert Button. The top 10 most-reported phishing attacks impersonated trusted brands such as Microsoft, ShareFile, Google, Zoom, Adobe, Coinbase and DHL, as well as internal IT and HR departments. Overall, 62 percent of phishing landing pages users interacted with were branded, with Microsoft accounting for 22.9 percent of impersonated brands. Social media platforms collectively represented 14.5 percent.

    You can see the full report on the KnowBe4 site and there’s an infographic summary of the findings below.

    KB4 Q4-2025_Phishing-Report-Infographic_EN

    Image credit: djbagaha/depositphotos.com

    TAGS
    No Comments
    Got News? Contact Us

    Recent Headlines

    Domain spoofing used in 90 percent of top phishing attacks

    1Password introduces built-in phishing protection

    Artists and writers push back on AI training with 'Stealing Isn’t Innovation' campaign

    One in ten UK businesses say a major cyber attack could shut them down

    Americans are increasingly turning to VPNs to avoid government surveillance online

    AdGuard's TrustTunnel VPN protocol avoids detection by mimicking normal web traffic

    Stardock updates Connection Explorer with new firewall controls and activity graphs

    Most Commented Stories

    1. Domain spoofing used in 90 percent of top phishing attacks

      0 Comments

    2. As 2G and 3G networks disappear, regulators are under pressure to protect vulnerable users

      0 Comments

    3. China’s smartphone market stalled in 2025, but the battle at the top intensified

      0 Comments

    4. AV-Comparatives' 2025 tests reveal which Windows antivirus tools perform best

      0 Comments

    5. The US is bracing itself to pay even more for Spotify yet again

      0 Comments

    6. The real cost of migrating observability tools [Q&A]

      0 Comments

    7. AI fuels rise in ransomware threats

      0 Comments

    8. Microsoft confirms KB5073455 update is causing Windows 11 shutdown problems

      0 Comments

    Why Trust Us

    At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

    betanews logo

    We don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

    x logo facebook logo linkedin logo rss feed logo

    NEWS

    AI
    Technology
    Software
    Hardware
    About Us

    © 1998-2026 BetaNews, Inc. All Rights Reserved.

    Privacy Policy | Terms of Service | Cookie Policy | Contact Us | Sitemap