- The Yubico study discovers that last year almost half of the respondents interacted with phishing emails
- Gen Z becomes the most vulnerable demographic for phishing attacks
- Passwords remain dominant, despite low confidence in their actual security force
Fishing emails have advanced to such an extent that many people can no longer report the difference between real and fraudulent messages, a new study is approved.
The Yubico survey found that last year almost half (44%) of the respondents interacted with at least one phishing message such as clicking on the link or opening an investment.
More than half of the participants either assumed that the fisch message was genuine, or it was admitted that they were not sure, showing how many attackers are now relying on deception, and not for technical shortcomings.
Young users are most open
It was found that Gen Z is the most susceptible, and 62% are engaged in phishing fraud last year, which is much higher than other age groups.
It is interesting that when it came to the recognition of Fishing’s attempts, the differences between generations were insignificant.
This suggests that although young users more often interact with suspicious content, the overall task of identifying phishing remains universal in different age groups.
Unfortunately, the practice of security of both individuals and organizations causes serious problems.
“Our survey has revealed a gap. People feel smug in providing their own online accounts, and organizations seem slow to accept the best safety practices, ”said Ronnie Manning, the chief lawyer of Brand, Yubiko.
Despite the widespread confirmation that the names of users and passwords unsafe, they remain the most common Authentication Method for personal and working accounts.
Less than half of the companies introduced multifactorial authentication in all applications, and 40% of employees said that they did not receive cybersecurity training.
Even for personal e-mail Accounts that often serve as gateways in critical services, such as banking and mobile carriers, almost a third of users are still lacking in multifactorial authentication.
Nevertheless, there are pockets of progress, especially in France, where multifactorial adoption of authentication for personal accounts jumped from 29% in 2024 to 71% in 2025.
This marks a sharp shift in relation to safer methods of entering the system.
At the same time, caring for artificial intelligence is growing rapidly in countries such as Japan and Sweden, where the detention has more than doubled in a year.
Confidence in advanced authentication methods also begins to grow, especially in the use of hardware options, such as safety keys and passengers.
Both the United Kingdom and the United States reported a noticeable increase in the number of people considering these tools as the safest available.
While Fishing's attempts are developing at an alarming pace, the gradual adoption of the tips of authenticity on a potential path, resistant to phishing.
“Both individuals and organizations have the opportunity to protect themselves by making these decisions resistant to phishing today. The modern MFA, of course, is no longer just “nice to have” and quickly became important, ”Manning added.
At the moment, the gap between awareness and protection remains wide, leaving people and organizations to subject more convincing attacks.
