Why Scammers Target Your Newest Staff
By many industry estimates, around 90 percent of data breaches start with a phishing email. Increasingly, scammers focus on the people least equipped to spot them: new employees.
It makes sense when you think about it. A new hire is still learning how things work. They don't know who normally approves payments, what your usual suppliers look like, or when a request should raise eyebrows. They're eager to do a good job and unlikely to push back on something that seems urgent.
Cybercriminals understand this and actively look for signs of new staff joining a business.
How scammers find their targets
Cybercriminals don't need to breach systems to identify new employees. They rely on publicly available information.
A LinkedIn welcome post, a team update on your website, or even a simple "excited to join the team" post gives them everything they need:
The employee's name and role
Their manager or team
The business name
A sense of timing ("just started" or "first week")
Using this information, they can craft an email that appears to come from a manager, a supplier, or someone else the new hire should trust. Often the only thing that is fake is the sending address; the names, roles and timing are real, which is exactly why the message reads as genuine.
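The technical counterpart to that impersonation is worth seeing concretely. The following is an added example, not code from the original page, from Think Concepts or from Phriendly Phishing: a small triage check that a mail gateway rule or a help-desk script could apply to an inbound message. It flags the classic pattern described above, a From display name that matches a real colleague while the address sits on an outside domain, and combines it with urgency and payment language. The corporate domain `example.co.nz`, the staff directory, the phrase lists and the sample messages are all constructed for the example.

```python
from email.utils import parseaddr

# Constructed for this example: the company's real mail domain and a
# minimal staff directory (the kind of data a gateway or help desk can
# pull from the identity provider).
CORPORATE_DOMAIN = "example.co.nz"
STAFF = {
    "Dana Lee": "dana.lee@example.co.nz",    # finance manager
    "Sam Patel": "sam.patel@example.co.nz",  # the new hire's manager
}

# Pressure and payment wording commonly used to rush a recipient.
URGENCY_PHRASES = ("urgent", "asap", "right away", "before end of day", "immediately")
PAYMENT_PHRASES = ("invoice", "bank details", "payment", "gift card", "wire")


def normalise(name: str) -> str:
    """Lower-case and collapse whitespace so 'Sam  Patel' matches 'sam patel'."""
    return " ".join(name.lower().split())


def assess_message(from_header: str, subject: str, body: str) -> dict:
    """Return flags and a verify-out-of-band decision for one inbound message.

    Flags raised:
      external_sender     - address is not on the corporate domain
      display_name_spoof  - display name matches a known colleague, but the
                            address is external (the new-hire scam pattern)
      urgency             - pressure language in subject or body
      payment_request     - asks for money, invoices or bank details
    """
    display_name, address = parseaddr(from_header)
    domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    text = f"{subject}\n{body}".lower()
    known_names = {normalise(n) for n in STAFF}

    flags = []
    if domain != CORPORATE_DOMAIN:
        flags.append("external_sender")
        if normalise(display_name) in known_names:
            flags.append("display_name_spoof")
    if any(p in text for p in URGENCY_PHRASES):
        flags.append("urgency")
    if any(p in text for p in PAYMENT_PHRASES):
        flags.append("payment_request")

    # Decision rule: a colleague's name on an outside address, or an external
    # message that is both urgent and about money, must be confirmed by phone
    # or in person before anyone acts on it.
    verify = "display_name_spoof" in flags or (
        "external_sender" in flags
        and "urgency" in flags
        and "payment_request" in flags
    )
    return {"flags": flags, "verify_out_of_band": verify}


if __name__ == "__main__":
    # Constructed sample: the "manager" email a new hire might receive.
    sample = assess_message(
        "Sam Patel <sam.patel.ceo@gmail.com>",
        "Quick favour - urgent",
        "Welcome aboard! Can you process this invoice right away?",
    )
    print(sample)
```

The check is deliberately coarse: it does not decide that a message is malicious, only that it matches the pattern the page describes closely enough that the recipient should verify through a channel the sender does not control. That is the same "stop and check" habit the training sections below ask staff to build, expressed as a rule.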
Why new employees fall for it
New staff are still learning what “normal” looks like. When an email says “Can you process this invoice urgently?”, they may assume it’s a process they have not learned yet.
At the same time, new employees are motivated to be helpful. Nobody wants to look difficult in their first few weeks by questioning a request from someone senior.
This is social engineering: pressuring people into acting before they stop to verify a request. It exploits uncertainty and the desire to do a good job, not technical ignorance.
Training is the fix, not fear
Most phishing breaches don't happen because the security software failed. They happen because a convincing message got past the filters and reached a real person at the wrong moment.
That’s why staff awareness matters as much as email filtering and security controls. When staff know what phishing looks like and feel confident stopping to check, the risk drops significantly.
For new hires, early training is especially important. It gives them permission to slow down, ask questions, and verify requests without feeling like they're being difficult or doing something wrong.
What good training looks like
Good phishing training is ongoing and practical, not a one‑off session during onboarding.
New employees need early guidance on how to assess requests, recognise warning signs, and know when to stop and check. This can be delivered through short, focused training sessions that use realistic examples and reinforce a simple decision‑making framework.
Training works best when it’s spaced over time and supported by regular reinforcement. This may include simulated phishing scenarios, follow‑up learning modules, and clear feedback when mistakes happen, so staff can learn in context.
For businesses that want an automated, ongoing approach, Phriendly Phishing provides a structured programme that introduces new employees with a baseline assessment, followed by short learning modules and realistic phishing simulations that reinforce good habits over time.
The aim is to build confidence and consistent behaviour, not to catch people out. Over time, this creates a habit of pausing, assessing, and verifying. That habit reduces risk during those critical early weeks.
Employees learn:
What phishing messages typically look like
How cybercriminals create urgency and fake authority
When to stop and verify a request
What to do if something feels off
Reinforcing this over time helps staff build confidence and good habits, rather than relying on a single training session they quickly forget.
How Think Concepts can help
Think Concepts supports businesses with phishing awareness in a way that suits their size, risk profile, and budget.
For some organisations, this starts with practical, consultant‑led cyber security training delivered directly by our team. This approach works well for businesses or teams that want straightforward, hands‑on guidance without committing to a full simulation platform.
Where ongoing testing and automation make sense, we can also set businesses up with Phriendly Phishing, an award‑winning phishing simulation and training platform designed to build long‑term awareness through regular, realistic scenarios.
Depending on your needs, this can include:
Understanding your current phishing risk with an initial assessment
Delivering practical training to staff, either directly or through an automated platform
Running simulated phishing campaigns that reflect real threats
Tracking improvement through clear, readable reporting
For new employees, this means learning how to recognise and respond to phishing from day one, using an approach that fits the business rather than forcing a one‑size‑fits‑all solution.
Preparing new employees from day one
Phishing isn't going away, and cybercriminals will continue targeting the people they believe are easiest to catch off guard. But a bit of preparation goes a long way to reducing risk.
If you'd like to put a practical phishing awareness programme in place for your team, get in touch with Think Concepts. We can help you protect both new and existing staff before scammers get the chance.