New research has found that Australians are twice as likely to face a phishing attack than people in the United States.
Google researchers teamed up with academics from Standford University to study 1.2 billion phishing and malware-based emails collected from Gmail users over a five-month period last year.
The idea was to understand what factors influenced a cyber criminal’s choice of target for phishing and malware-based email attacks.
They found that your age, where you live, what devices you use, and whether your information has been compromised in a previous data breach all increased your chances of facing an attack.
Having compromised details floating around online, as one example, boosted your odds of being targeted by phishing or malware emails by five times.
The odds of being targeted also increased with age; people over 65 being 1.5 times more at risk of an attack than 18-24 year-olds.
Around 17 million individuals were being targeted every week by hundreds of thousands of phishing and malware-based email campaigns, with many lasting only one day, the researchers found.
The United States faces the largest volume of phishing attacks globally.
Australia just slides into the top ten list of countries by volume of phishing emails in ninth spot, however it zooms up the charts for volume of malware-based email attacks, into third spot behind the US and UK.
Per capita Australia is one of only two countries to face a greater than 2x risk of attack than the US (alongside the Democratic Republic of Congo), the researchers found.
They hypothesized that a person’s country of residence, combined with their age, correlated with their level of wealth, which was likely to be a factor in who cyber criminals chose to target.
A study of global wealth by Credit Suisse in 2020 found Australia topped the list for median wealth per adult at US$206,480, where the United States did not even make the top 20.
However, the volume of email-based cyber attacks hitting Australians is likely to fall significantly in Google’s next assessment given the recent arrest of the man responsible for half of all phishing targeting Aussies (more on that later this week from us!)
Earlier this month Ukrainian police arrested the unnamed 39-year-old for allegedly developing and selling the U-Admin phishing kit to other cyber criminals.
The malware was designed to steal login credentials from victims who fell for the email and SMS phishing attacks.
Ukraine’s attorney-general at the time of the arrest said U-Admin was responsible for tens of millions of dollars in phishing-based losses globally, and more than 50 percent of all phishing in Australia in 2019.
The best way to defend against a phishing attack is remain vigilant to all unexpected communications, whether by email, phone, or SMS. Question any requests for your information, or for you to complete an action, and avoid logging into a service from a link in a message.