Hiring a new team member is exciting, but it’s also one of the riskiest moments for your business in terms of cybersecurity.
In those early weeks, new employees are settling in, learning systems, and eager to make a good impression. Unfortunately, this makes them an easy target for cybercriminals.
Research shows that around 71% of new hires fall victim to phishing or social engineering attempts within their first 90 days. Attackers know that new starters don’t yet recognise internal communication patterns or understand who’s who in the business. They exploit that uncertainty with convincing messages that appear to come from HR, management, or IT support.
A scam email might ask for login details, request an urgent payment, or direct the employee to a fake company portal. Because the person is still learning what’s normal, they are far more likely to trust it. Studies show that new employees are 44% more likely to click on a phishing link and 45% more likely to respond to messages impersonating senior staff.
This vulnerability creates a serious security gap.
The most effective way to reduce the risk is to make cybersecurity awareness part of your onboarding process. Training should start on day one, not weeks later. Early education about phishing, password hygiene, and how to report suspicious activity can make a measurable difference.
Companies that provide structured, scenario-based awareness training during onboarding see a sharp drop in successful phishing attempts — in some cases by 30%.
Technology such as endpoint protection and firewalls play an important role, but your people are always the first line of defence. Giving new team members the confidence to spot and report threats protects your business from the very start.
Next steps
To explore how to integrate cybersecurity awareness training into your onboarding or strengthen your overall security posture, contact Crosstek.
Book a call with one of our team to discuss simple, effective ways to protect your business and empower your employees.