Business Report

Survey shows more Gen Zs are falling into phishing scam traps

IOL Reporter|Published

Gen Z stands out as the most susceptible demographic to phishing, with 62% reporting engagement with a phishing scam in the past year, significantly higher than other age groups.

Image: IOL / Ron AI

As organisations and individuals navigate the complex landscape of cybersecurity, a new survey commissioned by Yubico and conducted by Talker Research shines a spotlight on some alarming trends.

Released just in time for October's Cybersecurity Awareness Month, the Global State of Authentication survey draws insights from over 18,000 employed adults across nine countries, including the UK, US, France, and India, revealing stark contrasts between perceived security and actual practices.

“Our survey revealed a disconnect. Individuals are complacent about securing their own online accounts, and organisations appear slow to adopt security best practices,” said Ronnie Manning, chief brand advocate of Yubico.

The survey uncovered that 44% of participants had interacted with a phishing message in the past year, highlighting persistent vulnerabilities particularly among Gen Z respondents, of whom 62% reported engaging with phishing attempts.

The influence of Artificial Intelligence (AI) can't be overlooked. Seventy per cent of those surveyed believe that phishing attempts have become more successful due to the emergence of AI technologies, a sentiment echoed by a staggering 78% who feel these attempts have become more sophisticated.

Alarmingly, more than half of those surveyed failed to accurately identify phishing emails, indicating a potential for further exploitation by cybercriminals.

Despite growing concerns, the adoption of crucial security measures appears alarmingly low. Only 48% of respondents indicated their companies implement multi-factor authentication (MFA) across all apps and services, while 40% reported never receiving any cybersecurity training at work.

Even where MFA is recognised as a more secure method, a surprising 29% of individuals do not have it enabled for their personal email accounts, through which they access vital online assets like social media and banking services.

When comparing the Global State of Authentication survey from 2024 to its 2025 edition, significant shifts in user behaviour across different regions are evident. One of the most striking findings comes from France, where MFA adoption for personal accounts skyrocketed from 29% in 2024 to 71% in 2025, indicating a dramatic increase in personal cybersecurity awareness and practice.

This upward trend can also be mirrored globally. In Japan, concerns about AI threats jumped by 43 percentage points from 2024 to 2025, while apprehension in Sweden and the UK saw similar increases.

Trust in hardware-based authentication is also on the rise, with the UK recording a sharp increase from 17% to 37% of respondents recognising hardware security keys as the most secure authentication method, while the US followed suit with a rise from 18% to 34%.

“As cyber threats become more sophisticated, the good news is the survey reveals that stronger, more secure authentication methods, like device-bound passkeys, are gaining momentum around the world,” Manning remarked.

“Both individuals and organisations have the power to protect themselves by adopting these phishing-resistant solutions today.”

IOL