News

AI Phishing Scams Are Fooling Every Generation, Survey Shows

Kristen Butler

Published

9 months ago

on

Ingram Publishing / Newscom / The Mega Agency

Can you tell if an email was written by artificial intelligence? According to a new survey, most people cant.

A global survey of 18,000 employed adults revealed that when shown a phishing email generated by AI, only 46% were able to correctly identify it. The other 54% either thought it was authentic or said they werent sure. Surprisingly, age didnt make much difference in awareness: Gen Z respondents were correct 45% of the time, millennials 47%, and both Gen X and baby boomers 46%. Researchers said the results highlight that no generation is immune to cyber risks in the age of AI.

Even when respondents were shown a legitimate email that could have come from their employer, fewer than one in three (30%) recognized it as genuine. The findings are part of Yubicos annual Global State of Authentication Survey, conducted by Talker Research across nine countries — the United States, the United Kingdom, Australia, India, Japan, Singapore, France, Germany and Sweden — and released for Cybersecurity Awareness Month in October.

The survey also showed that phishing attempts are hitting close to home. Nearly half (44%) admitted they had interacted with a phishing message in the past year — whether by clicking on a link or opening an attachment — and 13% said they had done so in just the past week. Younger adults were especially vulnerable: 62% of Gen Z respondents said they had fallen for a phishing scam in the past year, compared to 51% of millennials, 33% of Gen X and 23% of baby boomers.

Emails remain the most common way people get tricked, with 51% saying theyve been duped this way. Another 27% fell victim through text messages and 20% through social media. Those who admitted being deceived most often said it was because the message seemed to come from a trusted source (34%) or because they were in a rush and didnt stop to think (25%).

The consequences of those mistakes were serious. Respondents said they had accidentally given scammers email addresses (29% personal, 21% work), their full name (22% personal, 16% work) and phone numbers (21% personal, 15% work). 

“Because our personal and professional lives are so intertwined, and theres widespread cross-contamination between personal and work devices, a successful phishing attack on your personal data and devices could compromise your work security, and vice versa,” said Ronnie Manning, chief brand advocate at Yubico. “Thats why individuals and companies need to employ the highest level of security, using multi-factor authentication and things like device-bound passkeys, across all of their accounts. Because weak cybersecurity practices at any level of an organization could lead to significant and dangerous security breaches.”

Device use habits may be compounding the problem. Half of all employees surveyed admitted theyre currently logged into work accounts on their personal devices. Younger workers were more likely than older ones to blur those lines, with only 30% of Gen Z saying they use work-permitted devices exclusively, compared to 40% of millennials and 66% of baby boomers. Meanwhile, 40% of respondents said they access personal email from work devices, 17% are logged into online banking at work, 19% store work documents on personal devices, and nearly one in four (23%) are signed into social media on work machines.

Despite this, 30% said they do not use multi-factor authentication for personal accounts, and 40% reported they had never received cybersecurity training from their employer. Others said that company requirements varied by role or department and nearly half (49%) reported juggling multiple login systems across applications instead of one consistent MFA method.

“With gaps in cybersecurity training, employee usage of devices between work and personal and vulnerabilities when it comes to identifying AI scams and phishing attempts, both companies and individuals are at risk in an increasingly sophisticated online world,” Manning said. “Turn on MFA on your apps, services and accounts wherever you can. Phishing-resistant MFA, like that on a security key, is the most proven way to protect yourself, your data and your assets in this ever-evolving digital world.”

Read More From National Enquirer

Trending News

Exclusive3 days ago

Ex-Prince Andrew ‘Using’ Daughters Princesses Beatrice and Eugenie to ‘Stir Up Trouble’ Amid Royal Exile
Politics3 days ago

Serena Williams’ Husband Alexis Ohanian Defends Decision to Attend President Trump’s UFC Freedom 250 Event
Politics3 days ago

Hunter Biden Challenges Donald Trump Jr. to a ‘Cage Match’ After Slamming UFC Freedom 250 Event
Podcasts2 days ago

Joe Rogan Claims Multiple US Presidents Tried to Get His Podcast Taken Off the Air
Celebrity News2 days ago

Joe Rogan Overshoots UFC Freedom 250 Viewership Estimates by More Than 100 Million
Politics1 day ago

JD Vance’s Eyeliner and Bronzer Become Bigger Story Than His Politics on ‘The View’
Celebrity News2 days ago

Rosie O’Donnell Reflects on Her Heated 1999 Debate With Tom Selleck: ‘He Wasn’t Prepared’
Exclusive2 days ago

Russell Crowe Letting Girlfriend Britney Theriot Take ‘Control’ After Revealing His Anti-Marriage Stance
News19 hours ago

Filmmakers Claim They Captured Images of Champ the Lake Monster in Upstate New York
Exclusive2 days ago

Jimmy Kimmel Relying on Wife Molly McNearney to Steer His Career: ‘She’s Firmly in Control’
Animals3 days ago

Teen Hiker Attacked By Bear In Washington, Second Teen Injured While Fleeing
Human Interest19 hours ago

Surfer Escapes Death After Shark Bit Him and Dragged Him Underwater: ‘I Got Off Lightly’