WEALTH October 21, 2025 0 Comments

Half of Ireland’s Workforce Blind to Phishing Threats—Is Your Business Next on the Hacker’s Hunting List?

Ever wonder how many of your coworkers could genuinely spot a phishing scam if it strutted right into their inbox? Turns out, just a bit over half of Irish office workers (52%, to be exact) are confident enough to say yes. Sounds like a decent number until you realize that a fifth are casually feeding sensitive business info into unsecured, free AI tools–a recipe that leaves businesses wide open to cyber calamities. What’s more, despite regular training for most, there’s a troubling 10% who’ve never gotten a lick of cybersecurity guidance. These stats aren’t just numbers; they’re a glaring wake-up call that hitting “report” on suspicious messages, understanding who owns cybersecurity responsibility, and truly grasping the risks of AI-driven attacks aren’t where they need to be yet. In a world where a single misstep can domino into a costly breach, it’s high time Irish organizations rethink how they prepare and protect their teams from the invisible but ever-present digital wolves lurking in the shadows. LEARN MORE

Just over half (52%) of Irish office workers are confident in their ability to identify phishing attacks, Accenture has found.

A survey of 1,000 Irish office workers also showed that one in five (19%) enter sensitive business data like customer details and financial information into free, unsecured AI tools, increasing the cyber risk posed to Irish businesses.

While most office workers receive training either quarterly or annually (65%), a tenth (10%) of respondents have never received cybersecurity training, highlighting a real gap in organisational preparedness.

The research also reveals that the vast majority of those surveyed (87%) have encountered suspicious messages at work. With impersonation attacks on the rise, 36% report receiving an email or text message impersonating a co-worker.

Regarding phishing, reporting culture is strong overall, with three in four (77%) saying they are likely to report a phishing attempt, but 46% saying they are unsure of what to do if they were to receive suspicious messages.

In addition, over half of those surveyed (56%) selected reasons that may discourage them from reporting a phishing or deepfake attack at work, such as not believing it’s serious (21%), not knowing who to report to (20%), and fear of being blamed (15%).

The research shows a near-even split between those who believe office workers (48%) are responsible for preventing cyberattacks and those who think it’s the job of IT professionals (42%), highlighting a lack of clarity and shared accountability.

In terms of cyber concerns, AI-driven phishing emails top the list for Irish office workers (47%), followed by identity theft through AI misuse (34%).

Deepfake threats are also a major worry, with 32% concerned about impersonations of their own likeness and 31% about deepfake videos impersonating leaders or executives.

“These findings highlight the evolving nature of cyber threats in the age of AI and the urgent need for businesses to address gaps in training, tools, and reporting culture,” said Jacky Fox, senior managing director at Accenture Cybersecurity.

“While 52% of employees feel confident spotting phishing attempts, it only takes one person to be deceived for an attack to succeed, and human error remains the leading cause of breaches.”

Fox added that the lack of clarity on responsibility shows that respondents treat security as a technical issue rather than a core part of business resilience, leaving organisations exposed when attacks disrupt operations, reputation, and trust.

“With AI-driven phishing and deepfake threats on the rise, businesses must prioritise training and foster a culture of shared accountability to stay protected,” she concluded.

To help address these challenges and gaps, Accenture has identified three key actions for Irish organisations to strengthen resilience and empower office workers:

Boost worker confidence in responding to threats

With only half (52%) of Irish office workers confident in their ability to identify phishing attacks, organisations need to prioritise clear and open communication to foster a culture of reporting.

This includes having well-publicised reporting channels and straightforward guidance, so office workers know exactly what to do when they encounter suspicious activity.

Equip office workers with practical skills

Upskilling is critical. Beyond basic awareness, organisations should invest in interactive training that simulates real-world phishing and deepfake scenarios.

Regular updates on emerging risks, especially those involving AI-generated content, will help office workers stay informed and prepared.

With 79% of employees now using, or planning on using AI tools at work, practical guidance on using AI safely — and recognising when it’s being exploited — is vital to strengthening defences.

Phishing — 52% of Irish office workers are confident in their ability to identify phishing attacks.
(Pic: Shane O’Neill, Coalesce)

Foster a culture of shared responsibility

Cybersecurity works best when it’s a team effort.

Encouraging peer accountability and recognising proactive behaviours, such as early reporting, reinforces the idea that protecting digital assets is everyone’s responsibility.

Photo: Jacky Fox. (Pic: Shane O’Neill, Coalesce)