A nationwide phishing exercise in Singapore revealed that 17% of more than 4,500 employees clicked on fraudulent links, exposing vulnerabilities in workplace cybersecurity. Even more concerning, only 5% reported the phishing attempt, significantly lower than the global industry average of 18%.

One of the key findings was that employees were most likely to fall for phishing emails disguised as internal communications. This suggests that businesses need to reinforce security awareness, particularly regarding emails that appear to come from within their own organizations. The study also found that SMEs and large corporations were equally susceptible to phishing attempts, emphasizing that company size does not determine cybersecurity readiness.

The results make one thing clear—businesses must step up cybersecurity training, tighten defenses, and build a culture of vigilance.

With threats evolving fast, staying ahead means stronger awareness, smarter security, and quick action.