Newbies are more likely to click on phishing emails than longer-term employees, making them a very lucrative target for cybercriminals.
New hires are 44% more likely to fall for social engineering scams. It’s quite common for newbies to mistake phishing emails for real requests, as they are yet unfamiliar with cybersecurity protocols and the new company routine.
According to the 2025 New Hires Phishing Susceptibility Report by Keepnet Security, new hires are most vulnerable within the first 90 days in their new job.
Unsurprisingly, newbies are attacked by fake messages from the CEO, bogus HR platforms, fake invoices, and fake support.
Cybercriminals prey on new hires’ willingness to follow rules and instructions. They are unfamiliar with company processes and most likely haven’t had proper security training.
While experts say this highlights the need for better security awareness training and involving employees from day one, don’t be too quick to judge. With AI in play, scammers are getting smarter than ever. In fact, they even use AI for A/B testing to determine which phrasing works best.
Previously, you could easily identify a scammer-written email by its poor grammar. Now, it's quite the opposite – fraudsters often craft better emails than humans because they rely on AI to do so.
According to the latest Internet Crime Report from the Federal Bureau of Investigation (FBI), phishing remains the most common cybercrime in the US. Linkless phishing – just a short and seemingly harmless message from scammers – is on the rise, too.
You aren’t even 100% safe with enabled multi-factor authentication (MFA), as fraudsters exploit the so-called MFA fatigue – they just spam you with MFA requests until you accidentally approve the scammer login.
Your email address will not be published. Required fields are markedmarked