Tech.co report reveals 98% of business leaders can't spot a phishing scam

New data from Tech.co’s 2025 Impact of Technology on the Workplace Report has revealed that 98% of senior leaders are unable to correctly identify all the signs of phishing.

Tech.co surveyed 1036 US business leaders to find out if they could correctly identify common features of a phishing email; these included:

• Spelling and grammar mistakes

• Receiving from an unknown sender

• Asking for sensitive information

• Tone of urgency or threat

Business leaders can’t spot basic scam signs

A third of business leaders (33%) did not identify receiving from an unknown sender as a possible flag, while a shocking 47% weren’t able to identify a tone of urgency or threat as a feature.

Phishing attacks accounted for 40% of the total data breaches affecting businesses in 2024, up by 23% in 2023.

The survey also found that nearly a fifth (19%) of respondents were unable to correctly define two-factor authentication, a fundamental security measure.

The findings reveal a concerning lack of cybersecurity education from senior leaders. The global average cost of a data breach in 2024 was $4.88M, 10% higher than the previous year.

Editor of Tech.co, Jack Turner, comments, “Our research should be a wake-up call for anyone who thinks they understand the risks of cybercrime to their business. With so many respondents failing to spot the basic fundamental signs of a phishing attempt, it's no wonder that such an attack can be so successful.

Vigilance and training are key, but our research proves that cybersecurity education should apply to every role, from the intern to the CEO.”