New Dogs, New Tricks: Fighting Digital Mammoths with Click-Smart Training
“To err is human,” in the digital age, it’s just as true as when cavemen mistook mammoths for pets. But while our ancestors battled saber-toothed cats, today’s prey are cyber attackers, and phishing emails are their spears. In this modern hunt, we don’t need to make the same mistakes as the prehistoric folks who saw every furry beast as a potential companion. Technology may evolve, but so can we. KnowBe4’s latest “Phishing by Industry Benchmarking Report” shows that even the most phish-prone employees can learn to dodge digital danger. With the proper training, old dogs, or better said, old inboxes, can definitely learn new tricks.
Training Cuts the Click: Phishing Rates Drop 86%
KnowBe4’s 2025 report reveals a massive cybersecurity win. Security awareness training (SAT) lowered global phishing click rates from 33.1% to just 4.1% over 12 months.
The study involved over 67.7 million phishing simulations from 14.5 million users across 62,000+ organizations worldwide.
The Global Picture: One-Third of Employees at Risk
Before any training, about one in three employees clicked on simulated phishing links. In just three months, SAT reduced this rate by 40%. After a year, the drop reached 86%, showing the power of sustained education.
North America: From 42% to 4%
Large North American firms (1,000+ employees) had a whopping 42% click rate before training. After a year with KnowBe4’s SAT program, it plunged to 4.1%.
Smaller companies showed similar gains. Organizations with under 250 staff improved from 26% to just 3.7%.
Healthcare: A Hard-Hit Sector, Now Healing
Healthcare & Pharmaceuticals was the most vulnerable industry at baseline, with a 41.9% global click rate. In North America, large healthcare firms faced a staggering 54.8% rate. After one year of SAT, those same organizations cut clicks to 3.7%.
Stress, Speed, and Human Weakness
Clicking phishing emails often stems from stress, exhaustion, and emotional overload. Political division, layoffs, and multitasking leave employees in a fog. That mental fatigue leads to mistakes.
Bad actors use urgency and emotion to fool people. The more worn down we are, the more likely we fall for scams.
KnowBe4’s program combines short, punchy lessons with realistic phishing simulations. Employees learn to slow down, spot red flags, and think before they click.
Their AI-driven Human Risk Management platform turns your team from a soft spot into a security strength.
CEO’s Take: Training Works, But Don’t Let Up
“Security awareness training truly makes a difference,” said CEO Stu Sjouwerman. “The trend is positive, but phishing risks still exist. Ongoing, engaging training is key to managing human risk.”
Other Phishing News: It’s safe click away: 2024 Phishing Trends: How Employee Awareness Training Can Combat Rising Threats(Opens in a new browser tab)
