5 Mind-Boggling Phishing Attacks in Australia 2023!

**Phishing remains the #1 initial access vector for cyberattacks, and email authentication (SPF + DKIM + DMARC) is the primary technical defense. Per the FBI’s 2022 IC3 Report, 300,497 US-based victims reported phishing incidents in a single year. DMARC with p=reject prevents attackers from spoofing your domain in phishing campaigns.

From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.

_According to the FBI’s 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses.

Top Industries Affected by Phishing Attacks in 2023

• Finance sector

• Insurance sector

• Recruitment agencies

• Health service providers

A Sneak-Peek Into Last Year’s Major Phishing Attack Incidents in Australia

Nissan Australia

Nissan Australia, the popular Japanese car maker, was duped by the Akira ransomware gang in December 2023. Around **100GB of sensitive data was stolen by the notorious Akira gang. The automakers refused to entertain the ransom demand by the threat actors, and thereby, the latter threatened to leak all the personal details online.

Nissan Australia warned its customers against the unfortunate cyber hacking incident and requested them to **be on their toes to prevent any scams or fraudulent activities.

Australian Cyber Security Center is **working closely on this phishing attack by the Akira gang.

Boeing

LockBit, a notorious group of threat actors attacked the distribution business of Boeing, the US plane maker. The group managed to access a massive amount of personal data from Boeing on November 10th, 2023. LockBit has demanded against **50GB of compressed archived as well as backup files.

The defense and aerospace giant has assured that the cyber attack has **not impacted flight safety or aircraft systems. Boeing is working closely with law enforcement authorities.

Pizza Hut

September 2023 was fateful for Pizza Hut’s Australian operation. The CEO, Phil Reed, informed us about the data breach. This cybercrime incident **compromised the data of a whopping 193,000 customers.

_Ever since the mishap, Pizza Hut Australia has beefed up cyber security. The Pizza giant is working closely with cybersecurity experts, the forensic department, and other concerned authorities.

Pizza Hut further came up with an advisory for its customers as to how they can protect themselves from malicious phishing actors.

Latitude Financial

Latitude Financial is one of the most renowned personal loan and financial services providers in Australia. Last year in March, Latitude got a huge blow when threat actors **exposed sensitive details of around 1.2 million customers .

This includes driver’s licenses, passports, account statements, names, addresses, dates of birth, and so on. This cybercrime impacted the lives of over **14 million people not only in Australia but in New Zealand as well.

Shares in Latitude Financials went down by almost 3% because of the data breach. Also, authorities questioned the need to store sensitive customer details without appropriate security measures.

Duolingo

One of the most popular platforms for linguistic excellence, Duolingo, was duped by cybercriminals back in January 2023. The threat actors hacked into the public profile information segment of Duolingo and compromised the data of a whopping 2.6 million users.

The hackers put up a **sale worth $1500 against the sensitive details they accessed illegally on a hacking forum. Duolingo acknowledged that one of their exposed APIs was leveraged by the threat actors to scrape user data.

2023 was the year when cyber crimes surged at an **alarmingly high rate in Australia. Biggies like Sony, Wollongong University, DP World, etc., fell prey to the cheap stunts of cybercriminals. The scammers made the most out of advanced technology to creep into the **not-so-secured systems of these big brands.

The lack of appropriate email security measures such as SPF, DKIM, and DMARC, as well as the advent of artificial intelligence or AI, further worsened the scenario. Generative AI, especially ChatGPT, **became a top pick among threat actors to churn out persuasive and compelling email content as well as text messages. Massive data breaches affected not just big companies but small businesses as well as individuals across Australia.

It’s high time the Australian government and the Australian Cyber Security Center join hands to **prevent further malicious penetration into personal systems.