Thursday, 3 April 2025
26.2 C
Singapore
29.3 C
Thailand
21 C
Indonesia
26.9 C
Philippines

Singaporean IT leaders struggle to spot phishing emails, research finds

Nearly half of Singaporean IT leaders cannot tell phishing emails from real ones, raising concerns about growing cyber threats and accountability.

New research from KnowBe4 has revealed that nearly half of IT decision-makers in Singapore find it difficult to tell the difference between legitimate emails and phishing scams. The study shows that 46% of those surveyed admitted they struggled to identify scam or phishing emails.

The research highlights that phishing attacks are becoming more advanced and harder to detect. Worryingly, 72% of IT leaders mistakenly identified a real email as a phishing attempt. This suggests that as phishing tactics become more deceptive, even experienced IT professionals are finding it increasingly challenging to spot the difference.

When asked to review examples of scam and legitimate emails, only just over half (54%) correctly identified a scam or phishing email. On the other hand, 39% thought it was genuine, and 7% said they were unsure.

Despite this confusion, fewer IT decision-makers now consider phishing and business email compromise (BEC) to be a serious threat to their organisation. Only 36% view it as a major risk, a drop compared to previous years โ€” 2021, 2022, and 2024. This declining concern raises red flags, as it could lead businesses to lower their guard against potentially costly cyber-attacks.

Accountability for cybersecurity is declining

The findings also show a worrying trend in how responsibility for cybersecurity is perceived within organisations. Currently, only 36% of respondents believe that protecting their organisation from cyber threats is a shared responsibility. This is down from 40% in 2024, 60% in 2022, and 46% in 2021.

This year-on-year decline in individual accountability leaves businesses more exposed to cyber risks. As employees become less engaged in cybersecurity efforts, companies face a greater challenge in building a strong security culture.

Dr Martin Kraemer, Security Awareness Advocate at KnowBe4, warned, “Business email compromise (BEC) remains one of the most financially damaging cyber threats facing Singapore organisations today with the country’s high digital connectivity and its role as a global financial and business hub. These latest insights are deeply concerning, as organisations see a decline in individual accountability for cybersecurity, the risk of BEC attacks only grows.”

The study also found a growing shift in responsibility towards IT teams. Nearly half (47%) of respondents believe cybersecurity is the IT departmentโ€™s responsibility, a significant increase from 42% in 2024, 25% in 2022, and 34% in 2021.

At the same time, over two in five (42%) say the government should take responsibility for protecting organisations from cyber threats. This is up from 37% in 2024 and 14% in 2022, though slightly down from 25% in 2021.

Only 31% of employees recognise their own role in cybersecurity, which is only a small increase from 28% in 2024, 23% in 2022, and 24% in 2021.

Another concerning trend is the decreasing belief in the role of technology in protecting organisations from cyber-attacks. In 2025, only 19% said there are technologies in place to protect against attacks, continuing a steady decline from 24% in 2024, 25% in 2022, and 28% in 2021.

Singaporeans want stronger government action on cyber protection

The research also reveals strong public demand for greater government action to protect businesses from cyber-attacks. A striking 89% of respondents believe the government should do more to safeguard businesses. This is up from 84% in 2024, 72% in 2022, and 71% in 2021.

Among the top requests from IT decision-makers are:

  • Better public education and awareness about cyber risks and how to stay safe online. This was highlighted by 61% of respondents, a sharp increase from 48% in 2024, 48% in 2022, and 44% in 2021.
  • Increased funding to help businesses strengthen their cyber defences, with 51% calling for more financial support. This is up from 40% in 2024, 42% in 2022, and 40% in 2021.
  • More training and resources for businesses on managing cyber risks, requested by 52% of respondents. While still high, this represents a slight drop from 54% in 2024, 42% in 2022, and 47% in 2021.

Dr Kraemer stressed the importance of building a culture of cybersecurity awareness and responsibility across all levels of an organisation. He said, “The findings underscore the urgent need for companies to reinforce a culture of cybersecurity awareness and shared responsibility to mitigate cyber threats. Gen AI tools are rapidly making phishing emails more dangerous for organisations being more advanced, frequent and harder to spot. Now more than ever, businesses must prioritise comprehensive email security, employee training, and multi-layered defences to prevent costly breaches and safeguard critical assets, and leverage employees as the organisation’s greatest asset in preventing cyber-attacks.”

Hot this week

Owndays and Huawei launch new titanium smart audio glasses

Owndays and Huawei launch the Eyewear 2 Smart Audio Glasses Titanium Edition, featuring Bluetooth 5.3, 11-hour playback, and a premium frame.

Intel remains on course for next-gen CPUs

Intel CEO Lip-Bu Tan confirms that next-gen CPUs, including Panther Lake and Nova Lake, remain on track, with Panther Lake arriving in 2025.

Google’s Gemini 2.5 Pro AI model is now available for all users

Google's Gemini 2.5 Pro AI model is now available for all users, offering advanced coding and reasoning abilities with a free trial for Gemini Advanced.

China-aligned hacker group FamousSparrow resurfaces in cyberattacks

ESET finds China-linked hacker group FamousSparrow still active with upgraded tools, targeting institutions in the US, Mexico and Honduras.

Evento Seguro simplifies insurance access for event organisers in Brazil

Evento Seguro by Chubb makes event insurance easier for Brazilian organisers through a digital platform by Sympla and discovermarket.

Qualcomm expands AI research with MovianAI acquisition

Qualcomm has acquired Vietnamese AI research firm MovianAI to boost its AI development in smartphones, PCs, and software-defined vehicles.

Roblox introduces new parental controls to enhance child safety

Roblox introduces new parental controls, allowing parents to block games, restrict friends, and monitor their childโ€™s activity for better safety.

Anthropic introduces Claude for Education, a new AI chatbot plan for universities

Anthropic launches Claude for Education, an AI chatbot plan for universities that offers advanced learning tools and administration support.

Exabeam introduces Nova, an agentic AI that boosts cybersecurity operations

Exabeam unveils Nova, a proactive AI agent that boosts security team productivity and reduces incident investigation time by over 50%.

Related Articles