---
title: "5 Mind-Boggling Phishing Attacks in Australia 2023! | DMARC Report"
description: "Phishing remains the #1 initial access vector for cyberattacks, and email authentication (SPF + DKIM + DMARC) is the primary technical defense."
image: "https://dmarcreport.com/og/blog/5-mind-boggling-phishing-attacks-in-australia-2023.png"
canonical: "https://dmarcreport.com/blog/5-mind-boggling-phishing-attacks-in-australia-2023/"
---

Quick Answer

Phishing remains the #1 initial access vector for cyberattacks, and email authentication (SPF + DKIM + DMARC) is the primary technical defense.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2F5-mind-boggling-phishing-attacks-in-australia-2023%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=5%20Mind-Boggling%20Phishing%20Attacks%20in%20Australia%202023!&url=undefined%2Fblog%2F5-mind-boggling-phishing-attacks-in-australia-2023%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2F5-mind-boggling-phishing-attacks-in-australia-2023%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2F5-mind-boggling-phishing-attacks-in-australia-2023%2F&title=5%20Mind-Boggling%20Phishing%20Attacks%20in%20Australia%202023! "Share on Reddit") [ ](mailto:?subject=5%20Mind-Boggling%20Phishing%20Attacks%20in%20Australia%202023!&body=Check out this article: undefined%2Fblog%2F5-mind-boggling-phishing-attacks-in-australia-2023%2F "Share via Email") 

![5 Mind-Boggling Phishing Attacks in Australia 2023!](https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg) 

\*\*Phishing remains the #1 initial access vector for cyberattacks, and email authentication (SPF + DKIM + DMARC) is the primary technical defense. Per the [FBI’s 2022 IC3 Report](https://www.ic3.gov/Media/PDF/AnnualReport/2022%5FIC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year. DMARC with `p=reject` prevents attackers from spoofing your domain in phishing campaigns.

> From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.

\_According to the [FBI’s 2022 Internet Crime Report (IC3)](https://www.ic3.gov/Media/PDF/AnnualReport/2022IC3Report.pdf), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses.

## Top Industries Affected by Phishing Attacks in 2023

- Finance sector
- Insurance sector
- Recruitment agencies
- Health service providers

## A Sneak-Peek Into Last Year’s Major Phishing Attack Incidents in Australia

## Nissan Australia

Nissan Australia, the popular Japanese car maker, was duped by the [Akira ransomware gang in December 2023](https://www.securityweek.com/ransomware-group-claims-100-gb-of-data-stolen-from-nissan/). Around \*\*100GB of sensitive data was stolen by the notorious Akira gang. _The automakers refused to entertain the ransom demand by the threat actors, and thereby, the latter threatened to leak all the personal details online_.

Nissan Australia warned its customers against the unfortunate [cyber hacking](https://www.nwkings.com/what-is-cyber-hacking) incident and requested them to \*\*be on their toes to prevent any scams or fraudulent activities.

Australian Cyber Security Center is \*\*working closely on this phishing attack by the Akira gang.

## Boeing

[LockBit](https://cybernews.com/news/boeing-data-leak-lockbit-ransomware/), a notorious group of threat actors attacked the distribution business of Boeing, the US plane maker. _The group managed to access a massive amount of personal data from Boeing on November 10th, 2023_. LockBit has demanded against \*\*50GB of compressed archived as well as backup files.

![Dmarc check](https://media.mailhop.org/dmarcreport/images/2024/02/dmarc-check-9.jpg) 

The defense and aerospace giant has assured that the cyber attack has \*\*not impacted flight safety or aircraft systems. Boeing is working closely with law enforcement authorities.

## Pizza Hut

September 2023 was fateful for Pizza Hut’s Australian operation. The CEO, Phil Reed, informed us about the [data breach](https://www.bleepingcomputer.com/news/security/keenan-warns-15-million-people-of-data-breach-after-summer-cyberattack/). This cybercrime incident \*\*compromised the data of a whopping [193,000 customers](https://www.bleepingcomputer.com/news/security/pizza-hut-australia-warns-193-000-customers-of-a-data-breach/).

\_Ever since the mishap, Pizza Hut Australia has beefed up [cyber security](https://dmarcreport.com/blog/what-is-cyber-threat-hunting/). The Pizza giant is working closely with cybersecurity experts, the **forensic department**, and other concerned authorities.

Pizza Hut further came up with an advisory for its customers as to how they can protect themselves from [malicious phishing actors](https://thehackernews.com/2024/01/invoice-phishing-alert-ta866-deploys.html).

## Latitude Financial

[Latitude Financial](https://www.theguardian.com/australia-news/2023/mar/27/latitude-financial-cyber-data-breach-hack-14m-customer-records-stolen) is one of the most renowned personal loan and financial services providers in Australia. Last year in March, Latitude got a huge blow when threat actors \*\*exposed sensitive details of around 1.2 million customers .

This includes driver’s licenses, passports, account statements, names, addresses, dates of birth, and so on. This cybercrime impacted the lives of over \*\*14 million people not only in Australia but in New Zealand as well.

_Shares in Latitude Financials went down by almost 3% because of the data breach_. Also, authorities questioned the need to store sensitive customer details **without appropriate security measures**.

## Duolingo

One of the most popular platforms for linguistic excellence, [Duolingo, was duped by cybercriminals](https://cybernews.com/security/hackers-exposed-duolingo-users-more-available-scraping/) back in January 2023\. The threat actors hacked into the [public profile information](https://www.bloomberg.com/news/articles/2023-11-28/dp-world-says-personal-employee-data-stolen-in-australian-hack) segment of Duolingo and compromised the data of a whopping 2.6 million users.

The hackers put up a \*\*sale worth $1500 against the sensitive details they accessed illegally on a [hacking forum](https://en.wikipedia.org/wiki/Hack%5FForums). _Duolingo acknowledged that one of their exposed APIs was leveraged by the threat actors to scrape user data_.

2023 was the year when cyber crimes surged at an \*\*alarmingly high rate in Australia. Biggies like Sony, [Wollongong University](https://www.itnews.com.au/news/university-of-wollongong-discloses-data-breach-603358), DP World, etc., fell prey to the cheap stunts of cybercriminals. The scammers made the most out of advanced technology to creep into the \*\*not-so-secured systems of these big brands.

![Dmarc check](https://media.mailhop.org/dmarcreport/images/2024/02/dmarc-check-9304.jpg) 

The lack of appropriate [email security](https://dmarcreport.com/blog/why-email-security-matters-and-how-to-get-it-right/) measures such as [SPF](https://dmarcreport.com/what-is-spf/), [DKIM](https://dmarcreport.com/what-is-dkim/), and [DMARC](https://dmarcreport.com/), as well as the advent of [artificial intelligence or AI](https://dmarcreport.com/blog/artificial-intelligence-and-the-serious-threat-of-sophisticated-email-attacks-and-automated-advertising-bots/), further worsened the scenario. [Generative AI](https://dmarcreport.com/blog/how-generative-ai-amplifies-hyper-realistic-phishing-attacks/), especially [ChatGPT](https://dmarcreport.com/blog/chatgpt-generated-phishing-emails-are-too-good-to-be-ignored/), \*\*became a top pick among threat actors to churn out persuasive and compelling email content as well as text messages. _Massive data breaches affected not just big companies but small businesses as well as individuals across Australia_.

It’s high time the Australian government and the [Australian Cyber Security Center](https://cybilportal.org/actors/australian-cyber-security-centre-acsc/) join hands to \*\*prevent further malicious penetration into personal systems.

## Topics

[ email security ](/tags/email-security/)[ News ](/tags/news/) 

![Vasile Diaconu](https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg) 

[ Vasile Diaconu ](/authors/vasile-diaconu/) 

Operations Lead

Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report.

[LinkedIn Profile →](https://www.linkedin.com/in/vasile-diaconu/) 

## Take control of your DMARC reports

Turn raw XML into actionable dashboards. Start free - no credit card required.

[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/) 

## Related Articles

[  Foundational 4m  Akira flaunts victims, Idaho targets orthodontist, AI granny protects  Nov 22, 2024 ](/blog/akira-flaunts-victims-idaho-targets-orthodontist-ai-granny-protects/)[  Foundational 4m  Alternatives to DMARCLY's Blog Section for Learning About Email Authentication and DMARC  Nov 6, 2023 ](/blog/alternatives-to-dmarclys-blog-section-for-learning-about-email-authentication-and-dmarc/)[  Foundational 4m  Ambient Light Spying, Cybersecurity Prices Drop, Euro 2024 Threats  Jul 10, 2024 ](/blog/ambient-light-spying-cybersecurity-prices-drop-euro-2024-threats/)[  Foundational 4m  An Overview of Email Security Landscape in 2023  May 30, 2023 ](/blog/an-overview-of-email-security-landscape-in-2023/)

```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"5 Mind-Boggling Phishing Attacks in Australia 2023!","description":"Phishing remains the #1 initial access vector for cyberattacks, and email authentication (SPF + DKIM + DMARC) is the primary technical defense.","url":"https://dmarcreport.com/blog/5-mind-boggling-phishing-attacks-in-australia-2023/","datePublished":"2024-02-08T10:25:05.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2024-02-08T10:25:05.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vasile-diaconu/#person","name":"Vasile Diaconu","url":"https://dmarcreport.com/authors/vasile-diaconu/","jobTitle":"Operations Lead","description":"Vasile Diaconu is the Operations Lead at DuoCircle, the company behind DMARC Report and AutoSPF. He coordinates between engineering, product, and technical support - running project management, interfacing with developers on customer-reported issues, and making sure work that comes in through the support channel actually gets closed out. Vasile sits at the intersection of customer feedback and engineering execution, giving him a direct view of which email authentication problems customers hit most often in production.","image":"https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg","knowsAbout":["SaaS Operations","Technical Support Coordination","Customer Issue Resolution","Engineering Program Management","Deployment Operations"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vasile-diaconu/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/5-mind-boggling-phishing-attacks-in-australia-2023/"},"articleSection":"foundational","keywords":"email security, News","wordCount":1039,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"5 Mind-Boggling Phishing Attacks in Australia 2023!","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"5 Mind-Boggling Phishing Attacks in Australia 2023!","item":"https://dmarcreport.com/blog/5-mind-boggling-phishing-attacks-in-australia-2023/"}]}
```