Close this search box.

Why cybercriminals love Australia


New research has found that Australians are twice as likely to face a phishing attack than people in the United States. 

Google researchers teamed up with academics from Standford University to study 1.2 billion phishing and malware-based emails collected from Gmail users over a five-month period last year. 

The idea was to understand what factors influenced a cyber criminal’s choice of target for phishing and malware-based email attacks. 

They found that your age, where you live, what devices you use, and whether your information has been compromised in a previous data breach all increased your chances of facing an attack. 

Having compromised details floating around online, as one example, boosted your odds of being targeted by phishing or malware emails by five times.  

The odds of being targeted also increased with age; people over 65 being 1.5 times more at risk of an attack than 18-24 year-olds. 

Around 17 million individuals were being targeted every week by hundreds of thousands of phishing and malware-based email campaigns, with many lasting only one day, the researchers found. 

The United States faces the largest volume of phishing attacks globally. 

Australia just slides into the top ten list of countries by volume of phishing emails in ninth spot, however it zooms up the charts for volume of malware-based email attacks, into third spot behind the US and UK. 

Per capita Australia is one of only two countries to face a greater than 2x risk of attack than the US (alongside the Democratic Republic of Congo), the researchers found. 

They hypothesized that a person’s country of residence, combined with their age, correlated with their level of wealth, which was likely to be a factor in who cyber criminals chose to target. 

A study of global wealth by Credit Suisse in 2020 found Australia topped the list for median wealth per adult at US$206,480, where the United States did not even make the top 20. 

However, the volume of email-based cyber attacks hitting Australians is likely to fall significantly in Google’s next assessment given the recent arrest of the man responsible for half of all phishing targeting Aussies (more on that later this week from us!)

Earlier this month Ukrainian police arrested the unnamed 39-year-old for allegedly developing and selling the U-Admin phishing kit to other cyber criminals. 

The malware was designed to steal login credentials from victims who fell for the email and SMS phishing attacks. 

Ukraine’s attorney-general at the time of the arrest said U-Admin was responsible for tens of millions of dollars in phishing-based losses globally, and more than 50 percent of all phishing in Australia in 2019. 

The best way to defend against a phishing attack is remain vigilant to all unexpected communications, whether by email, phone, or SMSQuestion any requests for your information, or for you to complete an action, and avoid logging into a service from a link in a message. 

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →