- Most fishing events occur before new employees, also understand how internal systems work, report reports.
- Security awareness should start on one day, before the first email is also opened
- Hackers target uncertainty, and onboarding is loaded for this, confused new fare
The first few months of employment are now one of the most risky periods for enterprise cyber security, new research has claimed,
Keepnet 2025 The new Higher Fishing Sensitivity Report found that about three-fourths (71%) falls on new rent for fishing or social engineering attacks within their first 90 days.
Often ignored in onboarding workflows, this deficiency suggests that many organizations are not enough to prepare new employees for the reality of modern cyber threats.
I inexpercy, urgency, and confusion run the initial mistakes
Based on data from 237 companies, reports show that new employees are likely to be 44% higher by fishing efforts than their long -lasting colleagues.
Most events stems from combination of inexperience, lack of acquaintance with internal processes and desire to follow instructions.
The types of general attack include CEO copy, fraud HR portal, fake invoices request and technical aid scams, many of which exploit the period of onboarding confusion to this period.
The study also found that 45% high success rate was between new fare to implement officers in the fishing email.
This difference shows how the basic social engineering strategy can also be inconsistently effective against employees who are still navigating organizational systems and norms.
Without dedicated and structured training, these early errors can pose long -lasting security risk.
To deal with the issue, Keepnet recommended that organizations adopt a layered defense strategy for especially the onboarding period.
Organizations adopting adapted simulation and behavioral training programs saw the phishing risk drop after 30% after onboarding.
Like traditional equipment Best ending point protection, Best fwaasAnd Best fwaas The solutions remain necessary, but they are not enough on their own.
“Fishing attacks do not wait for your employees to feel ready. Our research suggests that organizations should invest in onboarding-specific-specific cyber security awareness training. We are proud to offer adaptive, scalable solutions, which protect businesses from the first day,” Ozan Ukar, CEO, said.
