
A new hire gets an email that looks like it came from the CEO. The request feels urgent and asks for help with a vendor payment. The employee is on day four and wants to be helpful, not difficult. So they comply.
That is all it takes.
Keepnet Lab’s 2025 New Hires Phishing Susceptibility Report found CEO impersonation emails are 45% more likely to succeed with new employees. New hires are also more susceptible to phishing overall.
This is not a people problem. It is a governance problem.
Why week one is the highest-risk window
New employees do not know what “normal” looks like yet. They are learning communication styles, approval paths, and who has authority over what. Attackers exploit uncertainty and urgency.
The vulnerability often exists before the first suspicious email arrives.
When onboarding is chaotic, controls become optional. Borrowed logins, improvised access, files saved outside approved systems, and personal devices used for speed all create gaps that are hard to defend later.
The phishing email does not create the risk. The first week does.
Reasonable care starts before day one. Fixing this does not require a long security lecture. It requires a few decisions leadership can stand behind.
1) Access is configured, not improvised
The laptop is ready, credentials exist, and permissions are defined. No borrowing logins. No temporary workarounds.
2) New hires know what “normal” looks like
A ten-minute orientation answers practical questions. Does leadership ever email about payments? Who approves vendor changes? What should someone do when a message feels urgent or unusual?
3) They have a safe path to verify
New employees hesitate to ask questions because they do not want to look inexperienced. Give them a person and a simple verification process.
The takeaway
Most security mistakes do not happen when someone ignores the rules. They happen when someone does not know the rules yet.
If you are hiring this spring, the most defensible move you can make is to tighten onboarding governance before the first day.
Where RTB fits
RTB Technologies is a cyber risk, liability, and security governance firm. We help leadership teams build clear, defensible processes that reduce exposure without adding noise.
If you want a quick review of your onboarding risk and money-movement controls, call 720-828-8490.

