Business Insights

KnowBe4 Phishing Test Results Reveal Information Technology (IT) and Online Services Emails Drive Dangerous Attack Trend

The world’s largest security awareness training and simulated phishing platform provider, KnowBe4 (, has released the findings of its Q1 2023 top-clicked phishing report. The results indicate the transition to IT and online service notifications, such as laptop refresh or account suspension notifications, which might have an impact on end users’ everyday tasks. They also contain the top email subjects clicked on in phishing testing. Download the document:

Phishing emails are still one of the most popular ways to sustain hostile attacks on businesses all around the world. By altering the subject lines of phishing emails to make them seem more legitimate, cybercriminals are always improving their techniques to stay one step ahead of end users and businesses. In order to get someone to click, they prey on emotions and try to upset or confuse them. Phishing techniques are evolving as online criminals increasingly send emails with subjects relating to IT and online services, such as requests for password changes, invites to Zoom meetings, security alerts, and more. These are efficient since they would affect an end user’s regular workday and ensuing tasks. 

This quarter, holiday-themed phishing email subjects were also exploited, luring unwary end users with promises of schedule changes, gift cards, and spa packages. As the United States prepared for tax season in Q1, email subjects pertaining to taxes increased in popularity.

By tricking unwary workers into clicking on harmful links or downloading phony documents that seem legitimate, cybercriminals are continually escalating the harm they wreak to enterprises, according to Stu Sjouwerman, CEO of KnowBe4. “Emails that appear to be from an internal source, such as the IT department, are particularly risky since they provide the impression of coming from a more reliable source where an employee would be less likely to doubt or be dubious. To defeat malicious actors, a business must strengthen its human firewall by building a strong security culture. 

Go here ( to download a copy of the Q1 2023 KnowBe4 Phishing Report infographic.

Leave a Reply