Phishing attacks are on the rise across the globe, and the Down Unders are facing the heat, too! Australia has always been a favorite among cybercriminals. 2023 was no different for the Aussies as multiple brands and businesses fell prey to threat actors.
Even though the Australian government is trying its best to protect the citizens from malicious cyber attacks, the phishing actors still manage to stay a step ahead of all the efforts and preventive measures. In the year 2022-23 alone, cybercrime incidents increased by 23%, with an average of one malicious attack being reported every 6 minutes.
Top Industries Affected by Phishing Attacks in 2023
- Finance sector
- Insurance sector
- Recruitment agencies
- Health service providers
A Sneak-Peek Into Last Year’s Major Phishing Attack Incidents in Australia
Nissan Australia, the popular Japanese car maker, was duped by the Akira ransomware gang in December 2023. Around 100GB of sensitive data was stolen by the notorious Akira gang. The automakers refused to entertain the ransom demand by the threat actors, and thereby, the latter threatened to leak all the personal details online.
Nissan Australia warned its customers against the unfortunate cyber hacking incident and requested them to be on their toes to prevent any scams or fraudulent activities.
Australian Cyber Security Center is working closely on this phishing attack by the Akira gang.
LockBit, a notorious group of threat actors attacked the distribution business of Boeing, the US plane maker. The group managed to access a massive amount of personal data from Boeing on November 10th, 2023. LockBit has demanded against 50GB of compressed archived as well as backup files.
Image sourced from sentinelone.com
The defense and aerospace giant has assured that the cyber attack has not impacted flight safety or aircraft systems. Boeing is working closely with law enforcement authorities.
Ever since the mishap, Pizza Hut Australia has beefed up cyber security. The Pizza giant is working closely with cybersecurity experts, the forensic department, and other concerned authorities.
Pizza Hut further came up with an advisory for its customers as to how they can protect themselves from malicious phishing actors.
Latitude Financial is one of the most renowned personal loan and financial services providers in Australia. Last year in March, Latitude got a huge blow when threat actors exposed sensitive details of around 1.2 million customers.
This includes driver’s licenses, passports, account statements, names, addresses, dates of birth, and so on. This cybercrime impacted the lives of over 14 million people not only in Australia but in New Zealand as well.
Shares in Latitude Financials went down by almost 3% because of the data breach. Also, authorities questioned the need to store sensitive customer details without appropriate security measures.
One of the most popular platforms for linguistic excellence, Duolingo, was duped by cybercriminals back in January 2023. The threat actors hacked into the public profile information segment of Duolingo and compromised the data of a whopping 2.6 million users.
The hackers put up a sale worth $1500 against the sensitive details they accessed illegally on a hacking forum. Duolingo acknowledged that one of their exposed APIs was leveraged by the threat actors to scrape user data.
2023 was the year when cyber crimes surged at an alarmingly high rate in Australia. Biggies like Sony, Wollongong University, DP World, etc., fell prey to the cheap stunts of cybercriminals. The scammers made the most out of advanced technology to creep into the not-so-secured systems of these big brands.
The lack of appropriate email security measures such as SPF, DKIM, and DMARC, as well as the advent of artificial intelligence or AI, further worsened the scenario. Generative AI, especially ChatGPT, became a top pick among threat actors to churn out persuasive and compelling email content as well as text messages. Massive data breaches affected not just big companies but small businesses as well as individuals across Australia.
It’s high time the Australian government and the Australian Cyber Security Center join hands to prevent further malicious penetration into personal systems.