The fragility of trust in the digital age (and how security earns it)

Trust is the invisible currency of the digital age. It’s what gives us all the confidence to hand over our data, click on a link, or transfer money without hesitation. But anyone working in tech needs to know that trust has never been more fragile. A 2025 report on mobile scams from Malwarebytes reveals that nearly half of mobile users encounter scams every single day – with the problem most acute in the US (51%) and UK (49%). 

Smartphones have become the primary interface for our work, shopping, and social lives. And that means they’ve also become the most direct portal for cybercriminals to exploit. The report describes them as “the new frontline of digital deception”. 

People are getting phishing texts from ever-changing numbers. They’re facing deepfake extortion attempts, and fraudulent ads that look indistinguishable from legitimate services. According to Malwarebytes, two in three people admit it’s difficult to “tell apart a scam from the real thing,” and only 15% strongly believe they can spot one. 

These rising threats mean trust is likely to continue breaking down; because the more you get hurt, the more wary you are of getting hurt again. 

Security is an enabler of trust 

When our colleagues at Black Hat MEA interviewed Daniel Bowden (CISO at Marsh McLennan), he said the role of security is to restore confidence:

“Now, I see security as an enabler of trust and resilience, not just a blocker of bad things.”

This is incredibly important, because the Malwarebytes report shows that the erosion of trust takes a serious toll on individuals, as well as on tech businesses. Three in four scam victims report serious emotional consequences, with nearly half struggling with anxiety, depression, or lost trust after being deceived. 

Broken trust has an impact far beyond the original scam. 

At LEAP 2022 (yes, we remember what our speakers said years ago – because everything they say inspires us), Ivana Bartoletti (Global Chief Privacy Officer at Wipro) argued that transformation itself depends on trust:

“We know that if we want to transform as organisations, as a country, we really need to build on people’s trust.” 

Without it, innovation grinds to a halt.

The human side of cyber risk 

The Malwarebytes data is striking not only for the scale of scams, but for their deeply personal impact. Thirty-six percent of users have fallen victim to a social engineering scam, and Gen Z is hit hardest: 28% report experiencing extortion scams, including deepfakes. 

One survey respondent described the experience of an impersonation scam as feeling like being in a “horror movie”. And another said bluntly, “I experienced discomfort and loss of trust, and I felt so stupid to fall for such a stupid trick.”

In another Black Hat MEA interview, Bernard Assaf (CISO at Airbus) reminded us that building resilience is about culture and communication – not just policies or tools. “We have to look beyond simple compliance statistics to gauge employee behaviour and engagement,” he said –  and that requires making threats relatable. To do that, security professionals and tech developers need to leverage the power of storytelling and public speaking to connect with people. 

Because trust isn’t a checkbox or a policy document; it lives in daily interactions, and it crumbles quickly when people feel tricked or left alone to deal with risk.

Facing the protection gap 

Scams are increasingly widespread and damaging, but many people don’t have the awareness or knowledge to protect themselves effectively. Malwarebytes found that while 77% of users worry about mobile risks, fewer than one in five actually use mobile security tools. And only 17% of victims report scams to authorities; with younger generations even less likely to report. 

The gap between awareness and action leaves space for resignation to set in. One in four users said they’ve “stopped caring” about mobile threats – they accept scams as an inevitable cost of being online, and don’t think there’s much they can do about it. 

Assaf shared a piece of advice that has always stuck with him: “Relationships matter more than titles.” And we think this applies here, because trust is human. If leaders can’t build strong relationships that encourage transparency, people will hide their mistakes – and attackers will exploit the silence.

Working together to rebuild trust

Scams are a daily reality. They’re causing emotional, psychological, financial, and operational harm. And lots of people aren’t using the basic protections available to them. 

But on the bright side, Malwarebytes’ research suggests there is a path to improve this. Regions like DACH, where regulation is stronger and digital norms are clearer, show lower levels of fear and better protective behaviours than elsewhere in the world. 

For organisations using digital tech, and for tech developers, this means treating security as a trust-building exercise rather than a compliance tick-box. We need to embed safeguards early, make them easy to use, and then tell the story of why they matter. And we have to recognise that the cost of broken trust goes beyond financial losses – it’s cultural, emotional, and reputational.

At LEAP, we celebrate the potential of technology to connect and empower. Over at Black Hat MEA, our colleagues confront the vulnerabilities that could tear that potential apart. Between the two lies the future: a digital ecosystem where trust is fragile, but not beyond repair; as long as we use security seriously as its enabler.