A recent study by cybersecurity company Abnormal Security revealed a 30% increase in the volume of phishing emails directed at Australians last year. Cybercriminals have shown a growing interest in the Asia-Pacific area, particularly due to its expanding influence in key sectors such as data centers and telecommunications.
Across the APAC region, credential phishing attacks witnessed a rise of 30.5% from 2023 to 2024. New Zealand experienced a 30% surge, while Japan and Singapore saw a 37% uptick. Of all sophisticated email attack varieties, including business email compromise and malware deployment, phishing showcased the most significant growth.
Abnormal Security’s VP of APJ, Tim Bentley, stated in a press release that “The increase in attack volume across the APAC region can be attributed to various factors, including the strategic importance of its nations as hubs for commerce, finance, and security.”
He further added, “This makes organizations in the region appealing targets for intricate email campaigns aimed at exploiting economic dynamics, disrupting vital industries, and pilfering confidential information.”
EXPLORE: 80% of Critical National Infrastructure Companies Experienced an Email Security Breach Last Year
Between 2023 and 2024, the median monthly rate of all sophisticated email attacks surged by 26.9% across APAC, encompassing Australia, New Zealand, Japan, and Singapore. This encompassed a 16% increase from Q1 to Q2 2024 and a 20% rise from Q2 to Q3.
While phishing was the predominant type of attack, BEC attacks, inclusive of executive impersonation and payment fraud, also saw a 6% annual increase in APAC. Abnormal Security highlighted that the average cost linked to a successful BEC attack exceeded USD $137,000 in 2023.
The Cybersecurity Challenge in Australia and the Rise of AI
The revelation of Australia being vulnerable to cyber attacks is not new. Findings from a Rubrik survey in the previous year disclosed that Australian enterprises reported the highest incidence of data breaches in comparison to global counterparts during 2023.
Antoine Le Tard, Rubrik’s VP for Asia-Pacific and Japan, mentioned that Australia is a prominent target due to being “a mature market and early adopter of cloud and enterprise security technologies,” possibly prioritizing swift implementation over comprehensive security.
At the national level, the stance on cybersecurity has been somewhat slow to progress. A report from the Australian Signals Directorate indicated that only 15% of government agencies attained the minimal cybersecurity level in 2024 – a stark drop from 25% in 2023. Furthermore, reluctance towards adopting passkey authentication methods has been observed among such entities, stemming from cybersecurity maturity issues in the public sector and the belief that its implementation is intricate.
The emergence of AI is also shaping the global security landscape. The availability of chatbots, both regular and illicitly modified for malicious intents, has facilitated quicker generation of content for phishing emails and lowered the barrier to entry, as they require no technical expertise to utilize. AI-driven chatbots were identified among Australia’s top AI threats for cyber professionals in 2025.
DISCOVER: Impacts of AI on Cybersecurity Landscape
The count of BEC attacks detected by cybersecurity firm Vipre in the second quarter of 2024 surpassed that of the same period in 2023 by 20% – with 40% of them generated by AI. In June, HP intercepted an email campaign dispersing malware in the wild, and the script used was highly likely created with the support of GenAI, as per a report by HP.
Moreover, adversaries have begun leveraging AI chatbots to establish trust with victims and subsequently deceive them. This approach mirrors how a corporation might implement AI to blend human interactions with AI chatbots to engage and “convert” individuals.
About Author
