October 9, 2025
Summary:
- Recent research from the IEEE Computer Society notes that phishing training doesn’t work.
- The rise of generative AI is making it harder for individuals to determine what is real and what’s fake.
- Ideally, companies would take a layered approach that involves modern training tactics and technology.
More than 90% of successful cyberattacks begin with a phishing email. Companies spend billions each year on training programs designed to help employees spot and avoid these scams. But new research published by the IEEE Computer Society suggests that phishing training isn’t as effective as many had believed.
The research focused on the real-world effectiveness of anti-phishing training in the healthcare sector. Researchers found that, on average, users who received routine anti-phishing training were only marginally better at detecting phishing scams than those who did not. In total, the difference was approximately 1.7%. For several phishing campaigns, at least 10% of users in each group failed the simulated attack.
“Experience tells us that click-through simulations and awareness posters alone don’t build lasting resilience,” said IEEE Senior Member Elyson De La Cruz. “This is potentially due to over-exposure to simulations, which may cause alert fatigue, contributing to worse results at spotting real attacks.”
According to IEEE Senior Member Steven Furnell, the success of phishing training highly “depends on the form that it takes and how much effort is put into planning and supporting the users involved.”
Requiring employees to conduct online training that discusses threats and tests their ability to spot a few simplified examples isn’t likely to be effective on its own, Furnell said. Neither is running a series of mock phishing campaigns. These programs need internal awareness campaigns to support and reinforce them.
Additionally, attackers’ growing use of AI is making it more difficult for individuals to discern what’s real and what’s a scam. IEEE Senior Member Vaibhave Tupe advises that “while training can raise awareness, it does not reliably protect organizations against the scale and sophistication of modern phishing attacks.”
Generative AI’s Role in Increased Phishing Scams
According to McKinsey, there has been a 1200% surge in phishing attacks since the rise of generative AI in 2022. For threat actors, AI opens the door to refining their attack strategies in real-time, especially by making phishing attempts look more legitimate.
IEEE Senior Member, Kayne McGladrey said that “AI-generated phishing removes all the traditional warning signs that training programs teach people to look for.”
Typical training tells people to watch for bad grammar, weird formatting or implausible scenarios.
“However, AI can now create emails that are grammatically perfect, properly formatted and believable. It can even personalize attacks using information scraped from social media or data breaches.”
While AI does make it easier to create highly convincing phishing attacks, IEEE Senior Member Suélia de Siqueira Rodrigues Fleury Rosa says that AI is an opportunity for security leaders and organizations to innovate.
“The rise of agentic AI isn’t just a threat vector. It’s an opening for interdisciplinary innovation in security education,” she said. “By studying how autonomous systems plan, learn and make decisions, we can build defensive artificial intelligence systems that anticipate attacker moves. Universities and training programs must evolve to cover both the technical and ethical dimensions of AI-powered offense and defense.”
What Works?
So if phishing training doesn’t work, then what does?
“Effective phishing education requires immersive, engaging experiences that make cybersecurity thinking intuitive rather than burdensome,” IEEE Senior Member Shaila Rana said.
She noted that virtual reality and augmented reality environments can simulate realistic workplace scenarios where employees practice making decisions in safe, sandboxed, consequence-free settings while receiving immediate, constructive feedback. Gamification elements, interactive storytelling and scenario-based learning that adapts to individual roles and risk profiles prove more effective than generic email simulations, she continued.
“Ideally, future anti-phishing solutions should combine AI technical defenses with human-centered design principles that make secure behavior the easiest option.”
For McGladrey, however, technical defenses need to be the primary strategy.
“We’re moving into a world where even security-aware people can’t reliably tell the difference between legitimate and AI-crafted emails,” he said.
Ideal Anti-Phishing Solutions
Moving forward, phishing training should be modernized to address and adapt to ongoing threats, especially as AI usage grows worldwide.
According to IEEE Senior Member Márcio Andrey Teixeira, “the ideal phishing defense needs to be layered.” This includes baking in advanced AI filters to block malicious messages, strong authentication, such as passwordless logins, to limit damage, and continuous monitoring to detect threats in real time
People and employees remain a critical layer for organizations, as immersive, scenario-based training that reflects modern AI-driven scams is still needed.
“People are often called the weakest link, but the reality is more complex,” Teixeira said. “Phishing training alone is not enough; it is necessary to have technical defenses.”
Want to learn more about trends in cybersecurity? Check out “Meaningful Momentum or Running in Place: Strides in Our Cybersecurity Readiness.”







 AI Through Our Ages
                                              AI Through Our Ages Liquid Infrastructure: Our Planet's Most Precious Resource
                                              Liquid Infrastructure: Our Planet's Most Precious Resource The Impact of Technology in 2025
                                              The Impact of Technology in 2025 Quantum and AI: Safeguards or Threats to Cybersecurity?
                                              Quantum and AI: Safeguards or Threats to Cybersecurity? Why AI Can't Live Without Us
                                              Why AI Can't Live Without Us Bits, Bytes, Buildings and Bridges: Digital-Driven Infrastructure
                                              Bits, Bytes, Buildings and Bridges: Digital-Driven Infrastructure Impact of Technology in 2024
                                              Impact of Technology in 2024 Emerging AI Cybersecurity Challenges and Solutions
                                              Emerging AI Cybersecurity Challenges and Solutions The Skies are Unlimited
                                              The Skies are Unlimited Smart Cities 2030: How Tech is Reshaping Urbanscapes
                                              Smart Cities 2030: How Tech is Reshaping Urbanscapes Impact of Technology 2023
                                              Impact of Technology 2023 Cybersecurity for Life-Changing Innovations
                                              Cybersecurity for Life-Changing Innovations Smarter Wearables Healthier Life
                                              Smarter Wearables Healthier Life Infrastructure In Motion
                                              Infrastructure In Motion The Impact of Tech in 2022 and Beyond
                                              The Impact of Tech in 2022 and Beyond Cybersecurity, Technology and Protecting Our World
                                              Cybersecurity, Technology and Protecting Our World How Technology Helps us Understand Our Health and Wellness
                                              How Technology Helps us Understand Our Health and Wellness The Resilience of Humanity
                                              The Resilience of Humanity Harnessing and Sustaining our Natural Resources
                                              Harnessing and Sustaining our Natural Resources Creating Healthy Spaces Through Technology
                                              Creating Healthy Spaces Through Technology Exceptional Infrastructure Challenges, Technology and Humanity
                                              Exceptional Infrastructure Challenges, Technology and Humanity The Global Impact of IEEE's 802 Standards
                                              The Global Impact of IEEE's 802 Standards Scenes of our Cyber Lives: The Security Threats and Technology Solutions Protecting Us
                                              Scenes of our Cyber Lives: The Security Threats and Technology Solutions Protecting Us How Millennial Parents are Embracing Health and Wellness Technologies for Their Generation Alpha Kids
                                              How Millennial Parents are Embracing Health and Wellness Technologies for Their Generation Alpha Kids Space Exploration, Technology and Our Lives
                                              Space Exploration, Technology and Our Lives Global Innovation and the Environment
                                              Global Innovation and the Environment How Technology, Privacy and Security are Changing Each Other (And Us)
                                              How Technology, Privacy and Security are Changing Each Other (And Us) Find us in booth 31506, LVCC South Hall 3 and experience the Technology Moon Walk
                                              Find us in booth 31506, LVCC South Hall 3 and experience the Technology Moon Walk Virtual and Mixed Reality
                                              Virtual and Mixed Reality How Robots are Improving our Health
                                              How Robots are Improving our Health IEEE Experts and the Robots They are Teaching
                                              IEEE Experts and the Robots They are Teaching See how millennial parents around the world see AI impacting the lives of their tech-infused offspring
                                              See how millennial parents around the world see AI impacting the lives of their tech-infused offspring Take the journey from farm to table and learn how IoT will help us reach the rising demand for food production
                                              Take the journey from farm to table and learn how IoT will help us reach the rising demand for food production Watch technical experts discuss the latest cyber threats
                                              Watch technical experts discuss the latest cyber threats Explore how researchers, teachers, explorers, healthcare and medical professionals use immersive technologies
                                              Explore how researchers, teachers, explorers, healthcare and medical professionals use immersive technologies Follow the timeline to see how Generation AI will be impacted by technology
                                              Follow the timeline to see how Generation AI will be impacted by technology Learn how your IoT data can be used by experiencing a day in a connected life
                                              Learn how your IoT data can be used by experiencing a day in a connected life Listen to technical experts discuss the biggest security threats today
                                              Listen to technical experts discuss the biggest security threats today See how tech has influenced and evolved with the Games
                                              See how tech has influenced and evolved with the Games Enter our virtual home to explore the IoT (Internet of Things) technologies
                                              Enter our virtual home to explore the IoT (Internet of Things) technologies Explore an interactive map  showcasing exciting innovations in robotics
                                              Explore an interactive map  showcasing exciting innovations in robotics Interactively explore A.I. in recent Hollywood movies
                                              Interactively explore A.I. in recent Hollywood movies Get immersed in technologies that will improve patients' lives
                                              Get immersed in technologies that will improve patients' lives