Share
A new global survey from Yubico reveals that amid growing concerns about AI-driven threats, the youngest generation in the workforce, Gen Z, is the most susceptible to falling for phishing attacks.
The annual Global State of Authentication survey, which gathered insights from 18,000 employed adults across nine countries, highlights a significant disconnect between the perceived importance of security and actual online habits.
The most alarming finding is that 62% of Gen Z respondents reported interacting with a phishing scam in the past year – a rate which is significantly higher than all other age groups.
While the report doesn’t pinpoint a single cause, the core issue is not a lack of awareness. The survey found that age did not play a significant role in the ability to correctly identify a phishing attempt, with Gen Z, Millennials, Gen X, and Baby Boomers all recognizing the scams at similar rates (around 45–47%).
Instead, experts suggest Gen Z’s higher engagement rate (clicking a link, opening an attachment, etc.) may stem from a greater level of online complacency or over-familiarity with digital communication. Overall, 44% of all participants admitted to interacting with a phishing message, underscoring the universal challenge of social engineering.
Ronnie Manning, chief brand advocate at Yubico, stressed the urgency of the findings. “It’s not surprising that phishing continues to be one of the easiest ways for hackers to get in,” he stated. “To close the gap, strong, phishing-resistant authentication, education, and action must go hand-in-hand.”
Other Key Findings
The survey revealed a landscape of widespread weak security practices compounded by the rise of Artificial Intelligence:
- AI Sophistication: A staggering 78% of respondents believe phishing attempts have become more sophisticated due to the use of AI, and 70% believe the scams have become more successful.
- MFA Deficiencies: Only 48% of companies reportedly use Multi-Factor Authentication (MFA) across all apps and services. Personally, 29% of individuals still don’t have MFA set up for their personal email accounts, despite these accounts being the gateway to critical assets like banking (41%) and social media (47%).
- Password Reliance: Despite only 26% considering usernames and passwords to be the most secure method, they remain the dominant way people access both work (56%) and personal (60%) accounts.
- Growing Trust in Hardware: On a positive note, confidence in phishing-resistant methods is increasing. In the UK and US, there was a significant rise in the number of people who believe hardware security keys and device-bound passkeys are the most secure authentication options.
Related Posts
Discover more from Tech Digest
Subscribe to get the latest posts sent to your email.