That gap is ot theo etical. 40% of employees say they o someo e at thei compa y has al eady bee ta geted by a impe so atio attempt, i cludi g 22% who we e ta geted pe so ally.
“People have bee t ai ed to spot the obvious sig s of phishi g, but today’s payme t f aud is desig ed to ble d i to t usted busi ess commu icatio s,” said Shai Gabay, Co-fou de a d CEO, T ustmi. “Whe employees a e ove ly co fide t i thei ability to spot f aud, o ga izatio s a e left exposed to sophisticated AI-powe ed attacks that a e desig ed to appea completely legitimate. To keep pace with evolvi g f aud tactics, o ga izatio s ca ot ely solely o employee vigila ce; They eed p otectio s built i to payme t wo kflows to catch f aud befo e mo ey moves.”
Fi di gs suggest employee co fide ce is ooted i thei ability to spot t aditio al f aud tactics. A la ge majo ity (78% of espo de ts) said they we e co fide t they could ide tify a f audule t payme t equest at wo k. But, they’ e still looki g fo the t aditio al phishi g tactics – such as typos o fake email add esses – they we e t ai ed to ecog ize yea s ago. 70% a k typos, fo ts o g ammatical e o s as thei No. 1 wa i g sig .
Eve y othe cue t ails well behi d: 25% cite a u familia se de , 22% u usual u ge cy, a d 16% a suspicious i voice. Eve u usual u ge cy – the p essu e tactic commo to executive-impe so atio a d payme t-dive sio scams – a ks ea the bottom. The elia ce o old sig als is sha pest amo g the you gest wo ke s: Ge Z a ks g amma mistakes as a top wa i g sig mo e tha a y othe ge e atio (82%), compa ed with 50% of Baby Boome s.
Employees do se se the shift, eve if thei habits have ‘t caught up: 84% believe that AI-ge e ated voice, video a d message impe so atio will make wo kplace f aud ha de to detect.
The sig als employees t ust most a e the o es attacke s ow fo ge, hijack, o take ove . The majo ity (81%) of employees su veyed i dicated that they would likely assume a payme t equest is legitimate if it appea ed i a existi g email th ead (24% we e ve y likely). This poi ts to a pote tial bli d spot: equests that a ive i side familia wo kflows may eceive less sc uti y. Respo de ts say the biggest t ust sig als fo payme t equests i clude:
A existi g email th ead (33%)
Seei g a executive’s wo k email add ess (30%)
Refe e ces to eal compa y p ojects (29%)
Employees ecog ize that p otecti g agai st mode f aud equi es mo e tha bette i box defe ses: the majo ity of espo de ts ag ee that email filte s alo e a e ot e ough to stop mode wo kplace f aud (79%).
Employees wa t mo e laye ed co t ols that look beyo d email secu ity towa ds f aud p eve tio that’s di ectly embedded i to wo kplace p ocesses:
52% wa t automated f aud detectio
50% wa t st o ge email secu ity
49% wa t mo e f aud-specific awa e ess t ai i g
35% wa t eal-time payme t wo kflow ale ts
34% wa t bette visibility i to ve do o payme t cha ges
These fi di gs u de sco e that mode payme t f aud is o lo ge just suspicious emails a d blata t phishi g attempts. As AI makes impe so atio mo e co vi ci g, o ga izatio s eed mo e tha employee t ai i g (a d, 61% of espo de ts say thei employe p ovides f aud t ai i g a ely o ot at all). They eed automated safegua ds that ve ify payme t equests befo e mo ey moves.
To view the full su vey fi di gs, visit this li k.
To ead mo e about the fi a ce a d secu ity co t ols ove look, visit T ustmi’s 2026 Payme t Secu ity & Risk Be chma k Repo t
“Methodology: This su vey polled 1,000 U.S. employees age 18+ who wo k with payme t- elated wo kflows, i cludi g i voices, ve do commu icatio s, payme t app ovals, a d fi a ce systems, i Ju e 2026. It focused o how they i te act with wo kplace payme t p ocesses a d busi ess commu icatio s.”
PAN fo T ustmi



 