Australians Voice Rising Cybersecurity Concerns as AI Fuels Surge in Phishing Threats ahead of Cybersecurity Awareness Month

Australia Lags Behind in Cybersecurity Readiness, Global Survey Reveals

MELBOURNE, AUSTRALIA, October 1, 2025 – Amid growing uncertainty around AI and a surge in cybersecurity breaches, Yubico has released key findings. Yubico is the leading provider of hardware authentication security keys. The company released its annual Global State of Authentication survey ahead of October’s Cybersecurity Awareness Month. Yubico commissioned the survey, and Talker Research conducted it. The survey gathered insights from 18,000 employed adults across nine countries. Participants included 2,000 from Australia, as well as respondents from France, Germany, and India. Other countries included Japan, Singapore, Sweden, the United Kingdom, and the United States.

The survey explored individuals’ cybersecurity habits in both their work and personal lives. It also examined the dangers of weak security practices. The survey evaluated growing concerns surrounding AI and its implications for security at work and home. The research revealed a growing disconnect between perceived security and actual cybersecurity habits. This was particularly evident in areas such as password use, Multi-Factor Authentication (MFA), and passkeys.

Growing Disconnect Between Security Awareness and Action

“Our survey revealed a glaring disconnect between awareness and action. Individuals are complacent about securing their own online accounts, and Australian organisations appear to be slow to adopt security best practices,” said Geoff Schomburgk, vice president for Asia Pacific and Japan at Yubico. “It’s not surprising that phishing is one of the easiest ways for hackers to gain access and 46% of Australian respondents said they have interacted with a phishing message in the last year. We must close the gap with strong, phishing-resistant authentication, education and action.”

AI Supercharges Phishing Threats

Nearly three-quarters (73%) of Australians believe phishing attempts have become more successful due to AI use. Additionally, 82% believe these attempts have become more sophisticated as a result of AI. Among Australians fooled by phishing messages, 24% disclosed email addresses. Another 21% gave their full names, while 18% provided their phone numbers. This leaves both individuals and businesses exposed to further cyber threats.

Australian Organizations Failing to Implement Basic Security Measures

While most Australians (79%) believe their organisation’s security options are secure, only 55% say their company uses MFA across all apps and services. In addition, 41% of employees report not receiving cybersecurity training at work, leaving significant gaps in organisational defences.

Key Findings: Australia’s Cybersecurity Vulnerabilities

• 46% of Australians admitted to having interacted with a phishing message in the last year, an alarming indicator of continued vulnerability to social engineering attacks.
• Gen Z stands out as the most susceptible demographic to phishing, with 62% reporting engagement (i.e. clicking a link, opening an attachment, etc.) with a phishing scam in the past year, which is much higher than other age groups.
• In fact, when shown a phishing email, 54% either believed it was an authentic message written by a human or were unsure. 35% of Australians said they believed the message came from a real, trusted source.
• Only 55% of Australians said their company uses MFA across all apps and services, and 41% of Australians reported never having received cybersecurity training from their employer.
• Despite low confidence in usernames and passwords (only 24% of Australians consider them the most secure), they remain the most common authentication method, used by 56% of Australians for work accounts and 57% for personal accounts.
• After Australian respondents realised they were successfully tricked into interacting with a phishing message, only 15% started using MFA, and only 18% reported the situation to someone at work.
• 31% of Australians still don’t have MFA set up for their personal email accounts, even though they are used to logging into their most critical online assets, including:

1. Social media (53%)
2. Banking (47%)
3. Mobile phone carrier (37%)
4. Online retailers (32%).

The Path Forward: Adopting Phishing-Resistant Authentication

“As cyber threats become more sophisticated, the good news is that the survey reveals that awareness of stronger, more secure authentication methods like device-bound passkeys, like those on a YubiKey, is increasing, but adoption is still low in Australia,” said Schomburgk. “Both individuals and organisations have the power to protect themselves by adopting these phishing-resistant solutions today. Modern MFA is clearly no longer just a nice-to-have and has quickly become essential for staying secure in our rapidly changing digital landscape.”

Download the detailed report overview here to explore the full survey results and practical recommendations. View the infographic here and watch the video message from the Vice President for Asia Pacific and Japan. For more information about Yubico and our security solutions, visit www.yubico.com.

About Yubico

Yubico (Nasdaq Stockholm: YUBICO) is a modern cybersecurity company on a mission to make the internet safer for everyone. As the inventor of the YubiKey, we set the gold standard for modern phishing-resistant, hardware-backed authentication. We stop account takeovers and make secure login simple.

Since 2007, we’ve helped shape global authentication standards, co-created FIDO2, WebAuthn, and FIDO U2F, and introduced the original passkey. Today, our passkey technology secures people and organisations in over 160 countries. It transforms how digital identity is protected from onboarding to account recovery.

Trusted by the world’s most security-conscious brands, governments, and institutions, YubiKeys work out of the box with hundreds of apps and services. They deliver fast, passwordless access without friction or compromise.

We believe strong security should never be out of reach. Through our philanthropic initiative, Secure it Forward, we donate YubiKeys to nonprofits supporting at-risk communities.

Dual-headquartered in Stockholm, Sweden and Santa Clara, California, Yubico is proud to be recognised as one of TIME’s 100 Most Influential Companies. We’re also named one of Fast Company’s Most Innovative Companies. Learn more at www.yubico.com.

*This survey polled 2,000 employed adults from each of these countries: the United States, United Kingdom, Australia, India, Japan, Singapore, France, Germany, and Sweden. This random double-opt-in survey was conducted by Talker Research. Talker Research is a market research company with members of MRS and ESOMAR. The survey took place between August 15 and August 27, 2025.

About Cyber News Live

Stay ahead of the cyber curve with Cyber News Live. We deliver real-time reporting, sharp threat intelligence, and educational content tailored for professionals, practitioners, and curious minds. From breaking breach alerts to deep dives on new attack vectors, our mission is simple. To make complex cyber topics clear and critical knowledge accessible to all.