Nearly half of IT leaders in Singapore struggle to spot phishing scams

72% mistakenly identified a real email as a scam.

Nearly half of Singaporean IT decision-makers (46%) struggle to distinguish legitimate emails from phishing scams, according to new research from KnowBe4.

The study found that 72% mistakenly identified a real email as a scam, highlighting the increasing sophistication of phishing attacks.

Whilst 54% correctly identified a scam email, 39% wrongly thought it was legitimate, whilst 7% were unsure.

Despite this confusion, concern over phishing and Business Email Compromise (BEC) as a major risk has declined to 36%, a troubling trend that could leave businesses vulnerable to cyber threats.

The study also revealed a declining sense of individual responsibility for cybersecurity. Only 36% of respondents believe protecting against cyber threats should be a shared responsibility, a drop from 40% in 2024 and 60% in 2022.

More businesses are placing cybersecurity responsibility on IT teams (47%), whilst 42% believe the government should be responsible for protecting organisations.

At the same time, only 31% of employees recognise their role in cybersecurity, marking a continued decline in individual accountability.

The reliance on cybersecurity technology is also decreasing, with just 19% believing that existing security solutions are enough to protect against attacks.

The call for greater government intervention is growing. A striking 89% of respondents believe the government should do more to protect businesses from cyber threats, up from 84% in 2024.

Key demands include more public education on cyber risks (61%), increased funding for cybersecurity (51%), and better training programs for businesses (52%).