Surge in Australian AI Usage and Phishing Threats Amid Rising Data Leaks
New research from Netskope Threat Labs indicates a significant rise in the number of Australian workers clicking on phishing links, alongside the growing use and associated risks of generative AI (genAI) applications in the workplace. The study reveals that an average of 1.2% of Australian employees clicked on a phishing link each month over the past year, marking a staggering 140% increase compared to the previous period. Phishing attempts predominantly involved impersonations of Microsoft and Google, which accounted for nearly one in five successful clicks. Attackers have increasingly targeted personal accounts linked to gaming platforms, personal cloud storage, and government services, while the focus on corporate credentials and sensitive company data remains a prevalent concern.
The report highlights that the widespread adoption of genAI applications in Australian organisations poses additional risks. A notable 87% of companies reported that employees accessed at least one genAI application monthly, up from 75% nine months ago. Among the most commonly used tools are ChatGPT (73%), Google Gemini (52%), and Microsoft Copilot (44%). However, there has been a recent decline in ChatGPT usage, while Gemini and Copilot usage trends upward. The report identifies inadvertent data exposure as a critical challenge, with employees frequently entering sensitive information into genAI tools. Intellectual property, source code, and regulated data represent 42%, 31%, and 20% of the information most often leaked through prompts or uploads. To mitigate risks, Australian organisations are implementing company-approved genAI solutions to enhance oversight and security controls, aiming to address the challenges posed by ‘shadow AI’ and the direct integration of genAI systems with enterprise datasets.
Categories: Phishing Trends, Generative AI Adoption, Data Security Risks
Tags: Phishing, Generative AI, Cybersecurity, Data Loss, Social Engineering, Corporate Credentials, Personal Accounts, AI Tools, Data Exposure, Shadow AI