The assumption that younger people are more digitally-savvy and therefore better able to recognise phishing scams might seem obvious – but Digital Natives aged between 18-39 are actually the most vulnerable age group for phishing scams, according to data from SoSafe’s and Botfrei’s Phish Test.
Based on exclusive response data from SoSafe (Human Risk Review 2022), the results demonstrate that cybersecurity awareness remains worryingly low, with around 31% of participants clicking on at least one simulated phishing email – meaning that 1 in 3 attacks would have been successful.
The study (Human Risk Review 2022) also revealed that email subject lines most likely to generate a click were usually based on emotional manipulation, inducing pressure, anxiety or curiosity, and appealing to authority as well as financial desires.
More from Tech
- Best Tech and Apps for Preventing Phone Theft
- How Can Crypto and Blockchain Technology Contribute Meaningfully to Tackling Financial Exclusion?
- World Bicycle Day: Tech Used At The 2025 Giro d’Italia
- Meet Ada: The Accurate Carbon Insights Tool
- Tech And Apps For Your Blood Pressure Monitoring
- Spreadsheet SDKs and the Role they Play in Modern Retail Data Management
- How Reliable Data Access Protects Businesses From Unexpected Downtime
- UK Finance Firms At Risk Of Digital Exclusion Ahead of Global Accessibility Day
Key Statistics
- Younger users are more likely to click on a phishing email than any other age group, with an average click rate of 29% – SoSafe’s and Botfrei’s Phish Test.
- Older users (aged 50+) are significantly more careful about opening emails, with an average click rate of just 19% – SoSafe’s and Botfrei’s Phish Test.
- Men tend to click on phishing links more often than women; nearly one in four male participants (23%) clicked on one of the phishing mails, compared to 20% of females – SoSafe’s and Botfrei’s Phish Test.
- Public Sector organisations (including critical infrastructure organisations such as hospitals) appear to be the most vulnerable to phishing attacks with a click rate of 36% – Human Risk Review 2021.
- In contrast, the average click rate in the Manufacturing sector is only 19%.
- 99% of respondents say that strengthening their organisations’ security culture will be important in the coming year – Human Risk Review 2022.
Dr Niklas Hellemann, CEO at SoSafe, said: “Today’s sophisticated cybercriminals deploy a broad set of psychological tactics that exploit human emotions like stress, fear or respect for authority – and our data highlights why awareness of the threat landscape plays an absolutely crucial role in cybersecurity culture. Even – or especially – the ones with the highest digital literacy are vulnerable to digital threats. Investing in technological barriers is of course vital, but companies also need to act now to empower their teams to spot threats and react accordingly – otherwise tech alone is powerless to protect.”
Would you like SEO or PR for your business?
Contact us here for more information >>